Skip to content
Saturday, December 6, 2025
Medium Published: Feb 14, 2007 Modified: Apr 09, 2025

CVE-2006-5859

4.3 CVSS SCORE
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Share:

Description

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm.

CVSS Vector Details

Attack Vector Network
Attack Complexity M
Confidentiality None
Integrity P
Availability None

Affected Software Configurations

  • a adobe coldfusion 7.0 * * * * * * *
  • a adobe coldfusion 7.0.1 * * * * * * *

Weaknesses (CWE)

  • CWE-79

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker