Deserialization of Untrusted Data Vulnerability in ColdFusion Versions
CVE-2019-7091 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Learn more about our Web Application Penetration Testing UK.