Reflected Cross-Site Scripting Vulnerability in Adobe ColdFusion
CVE-2026-48320
8.5HIGH
What is CVE-2026-48320?
Adobe ColdFusion is impacted by a reflected Cross-Site Scripting vulnerability, allowing attackers to inject malicious scripts into web pages. Exploiting this vulnerability may enable an attacker to gain unauthorized access or manipulate the victim's account or session. Victims must interact with the malicious file for exploitation to occur, raising significant concerns for users' security and data integrity.
Affected Version(s)
ColdFusion 2023 0 <= 21
ColdFusion 2023 0 <= 21
ColdFusion 2025 0 <= 10