CVE-2005-1555

Published: May 10, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.

Affected (1)

Products: Macromedia: Coldfusion

Macromedia

1 product

Coldfusion

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Macromedia Coldfusion	Version 7.0

References (6)

http://marc.info/?l=bugtraq&m=111575500403231&w=2

Source: cve@mitre.org

http://www.macromedia.com/devnet/security/security_zone/mpsb05-03.html

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/20550

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=111575500403231&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.macromedia.com/devnet/security/security_zone/mpsb05-03.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/20550

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.