The ColdFusion team has announced a critical update to ColdFusion 10 (Update 21) and 11 (Update 10) to address a potential issue associated with parsing crafted XML entities that could lead to information disclosure. CF2016 is not vulnerable to this issue. (ColdFusion 9 and earlier may be vulnerable, but are no longer supported. If you are running an older version of ColdFusion you really need to upgrade immediately.)