|
|
CVE Reference: CVE-2006-6483 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-6483 |
|
|
Description: Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/30841 ST 1017361 SREASON http://securityreason.com/securityalert/2021 SAID Secunia Advisory: SA23281 CONFIRM http://www.adobe.com/support/security/bulletins/apsb07-06.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/454046/100/0/threaded BID 21532 |
|
| Return to the previous page. |
