Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an error message.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-15T16:00:00
Updated: 2017-07-19T15:57:01
Reserved: 2006-05-15T00:00:00
Link: CVE-2006-2364
JSON object: View
NVD Information
Status : Modified
Published: 2006-05-15T16:06:00.000
Modified: 2017-07-20T01:31:24.677
Link: CVE-2006-2364
JSON object: View
Redhat Information
No data.
CWE