HomePentest-Tools.com Logo

Adobe ColdFusion WDDX Deserialization Gadgets CVE-2023-44353

Severity
CVSSv3 Score
9.8
Vulnerability description

Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.\n

Risk description

No risk description to display.

Recommendation

To mitigate this vulnerability, it is recommended to apply the latest security patches or upgrade to a newer version of OpenCATS that addresses the XSS vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Nov 17, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available