A security hotfix has been released for ColdFusion versions 10 and 11 on all platforms. The fix patches a potential vulnerability which could be used to disclose server information.
I hate to ask, but …
Since CF7 is no longer covered under core support, any idea on whether 7.x is impacted by this?
If the CF administrator is locked down via Windows Authenication, any idea on whether that is effective?
In the CF8 installed at my company, there are l10n files in several folders with different file-dates. Why are they not the same? Should all of them be replaced with this HOTFIX?