Cross-Site Scripting Vulnerability in Adobe JRun 4.0 Administrator Console
CVE-2006-5860

Currently unrated

Key Information:

Vendor: Adobe
Status: Jrun; Coldfusion
Vendor: CVE Published:; 14 February 2007

What is CVE-2006-5860?

The administrator console of Adobe JRun 4.0 harbors a cross-site scripting (XSS) vulnerability that enables remote attackers to inject and execute arbitrary web scripts or HTML. This flaw, present when used in conjunction with ColdFusion, may exploit various unknown vectors, leading to potential unauthorized access or other malicious activities. Users and admins are advised to implement security measures promptly.

References

http://secunia.com/advisories/24093

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/0594

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/32475

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2007
Vulnerability Reserved
Nov 10, 2006