Adobe issued fixes for versions of its ColdFusion web development platform – including six critical flaws. Adobe has released patches fixing six critical vulnerabilities in its ColdFusion product that could lead to arbitrary code-execution. The flaws impact Adobe’s ColdFusion product, which is the company’s commercial web application development platform. Impacted are the 2016 (Update 6 and earlier versions) and the July 12 (2018) release of ColdFusion, as well as ColdFusion 11 (Update 14 and earlier versions). Overall, Adobe said ColdFusion contained nine flaws, including four critical deserialization of untrusted data flaws that could lead to arbitrary code-execution… Source link

Read More »