CVE-2016-1113

Published on: 05/10/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Certain versions of Coldfusion from Adobe contain the following vulnerability:

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-1113 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.1 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
CHANGED LOW LOW NONE

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
Adobe Security Bulletin Vendor Advisory
helpx.adobe.com
text/html
URL Logo CONFIRM helpx.adobe.com/security/products/coldfusion/apsb16-16.html
Adobe ColdFusion Bugs Let Remote Users Bypass Security Restrictions and Conduct Cross-Site Scripting Attacks - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
URL Logo SECTRACK 1035829
Adobe ColdFusion CVE-2016-1113 Unspecified Cross Site Scripting Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 90507

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationAdobeColdfusion10.0-AllAll
ApplicationAdobeColdfusion10.0update1AllAll
ApplicationAdobeColdfusion10.0update10AllAll
ApplicationAdobeColdfusion10.0update11AllAll
ApplicationAdobeColdfusion10.0update12AllAll
ApplicationAdobeColdfusion10.0update13AllAll
ApplicationAdobeColdfusion10.0update14AllAll
ApplicationAdobeColdfusion10.0update15AllAll
ApplicationAdobeColdfusion10.0update16AllAll
ApplicationAdobeColdfusion10.0update17AllAll
ApplicationAdobeColdfusion10.0update18AllAll
ApplicationAdobeColdfusion10.0update2AllAll
ApplicationAdobeColdfusion10.0update3AllAll
ApplicationAdobeColdfusion10.0update4AllAll
ApplicationAdobeColdfusion10.0update5AllAll
ApplicationAdobeColdfusion10.0update6AllAll
ApplicationAdobeColdfusion10.0update7AllAll
ApplicationAdobeColdfusion10.0update8AllAll
ApplicationAdobeColdfusion10.0update9AllAll
ApplicationAdobeColdfusion11.0-AllAll
ApplicationAdobeColdfusion11.0update1AllAll
ApplicationAdobeColdfusion11.0update2AllAll
ApplicationAdobeColdfusion11.0update3AllAll
ApplicationAdobeColdfusion11.0update4AllAll
ApplicationAdobeColdfusion11.0update5AllAll
ApplicationAdobeColdfusion11.0update6AllAll
ApplicationAdobeColdfusion11.0update7AllAll
ApplicationAdobeColdfusion2016-AllAll
ApplicationAdobeColdfusion10.0-AllAll
ApplicationAdobeColdfusion10.0update1AllAll
ApplicationAdobeColdfusion10.0update10AllAll
ApplicationAdobeColdfusion10.0update11AllAll
ApplicationAdobeColdfusion10.0update12AllAll
ApplicationAdobeColdfusion10.0update13AllAll
ApplicationAdobeColdfusion10.0update14AllAll
ApplicationAdobeColdfusion10.0update15AllAll
ApplicationAdobeColdfusion10.0update16AllAll
ApplicationAdobeColdfusion10.0update17AllAll
ApplicationAdobeColdfusion10.0update18AllAll
ApplicationAdobeColdfusion10.0update2AllAll
ApplicationAdobeColdfusion10.0update3AllAll
ApplicationAdobeColdfusion10.0update4AllAll
ApplicationAdobeColdfusion10.0update5AllAll
ApplicationAdobeColdfusion10.0update6AllAll
ApplicationAdobeColdfusion10.0update7AllAll
ApplicationAdobeColdfusion10.0update8AllAll
ApplicationAdobeColdfusion10.0update9AllAll
ApplicationAdobeColdfusion11.0-AllAll
ApplicationAdobeColdfusion11.0update1AllAll
ApplicationAdobeColdfusion11.0update2AllAll
ApplicationAdobeColdfusion11.0update3AllAll
ApplicationAdobeColdfusion11.0update4AllAll
ApplicationAdobeColdfusion11.0update5AllAll
ApplicationAdobeColdfusion11.0update6AllAll
ApplicationAdobeColdfusion11.0update7AllAll
ApplicationAdobeColdfusion2016-AllAll
  • cpe:2.3:a:adobe:coldfusion:10.0:-:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update1:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update10:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update11:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update12:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update13:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update14:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update15:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update16:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update17:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update18:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update2:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update3:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update4:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update5:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update6:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update7:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update8:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update9:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:-:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update1:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update2:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update3:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update4:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update5:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update6:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update7:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:-:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update1:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update10:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update11:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update12:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update13:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update14:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update15:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update16:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update17:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update18:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update2:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update3:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update4:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update5:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update6:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update7:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update8:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:10.0:update9:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:-:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update1:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update2:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update3:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update4:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update5:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update6:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:11.0:update7:*:*:*:*:*:*:
  • cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:*: