CVE-2006-5860

CVE Database · CVE-2006-5860

CVE-2006-5860

· N/AModified

CVSS v3.1

N/A

EPSS

3.19%

Published

Feb 14, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Weaknesses (CWE)

CWE-79

Affected Products (6)

adobe · coldfusionvulnerable

adobe · jrunvulnerable

References (16)

http://osvdb.org/32122

http://secunia.com/advisories/24093

http://www.adobe.com/support/security/bulletins/apsb07-05.html

Patch

http://www.securityfocus.com/bid/22547

Patch

http://www.securitytracker.com/id?1017646

http://www.securitytracker.com/id?1017647

http://www.vupen.com/english/advisories/2007/0594

https://exchange.xforce.ibmcloud.com/vulnerabilities/32475

http://osvdb.org/32122

http://secunia.com/advisories/24093

http://www.adobe.com/support/security/bulletins/apsb07-05.html

KEV Catalog EPSS Scores Vendors All CVEs