Skip to content
Saturday, December 6, 2025
Low Published: Dec 12, 2006 Modified: Apr 09, 2025

CVE-2006-6483

2.6 CVSS SCORE
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Share:

Description

Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag.

CVSS Vector Details

Attack Vector Network
Attack Complexity High
Confidentiality None
Integrity P
Availability None

Affected Software Configurations

  • a adobe coldfusion 7.0 * * * * * * *
  • a adobe coldfusion 7.0.1 * * * * * * *

Weaknesses (CWE)

  • NVD-CWE-Other

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker