Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Per: http://www.adobe.com/support/security/bulletins/apsb10-11.html
'Affected software versions
ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX'
Publication date: Thu, 13 May 2010 22:30:00 +0000