Adobe patches critical vulnerability in ColdFusion

Adobe today released a critical security update for three ColdFusion products.

The flaw, CVE-2019-7816,a file upload restriction bypass if exploited could lead to arbitrary code execution in the context of the running ColdFusion service. The products affected are ColdFusion 2018, ColdFusion 2016 and ColdFusion 11.

The vulnerability has been spotted in the wild, Adobereported.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.