Vulnerability in Adobe Coldfusion

CVE-2019-7816

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

EPSS: 0.684 (99.2th percentile) — read the EPSS interpretation.

Affected products

Adobe Coldfusion — versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier versions

References

helpx.adobe.com/security/products/coldfusion/apsb19-14.html (x_refsource_CONFIRM)