Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that ...

On Monday, the Cybersecurity and Infrastructure Security Agency (CISA) warned about a critical arbitrary code execution vulnerability (CVE-2023-26360) in Adobe ColdFusion 2018 and 2021. Risk of ...

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...

Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform. On July 11, 2023, Adobe released patches for ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers. As someone who used ColdFusion for years, I’m not in the ‘why would anyone use it anymore?’ camp.

Adobe recently issued a patch for a high-severity vulnerability for ColdFusion versions 2023.11 and 2021.17 and earlier; according to the National Institute of Standards and Technology (NIST), “an ...