Adobe today released a critical security update for three ColdFusion products.

The flaw, CVE-2019-7816,a file upload restriction bypass if exploited could lead to arbitrary code execution in the context of the running ColdFusion service. The products affected are ColdFusion 2018, ColdFusion 2016 and ColdFusion 11.

The vulnerability has been spotted in the wild, Adobereported.