CVE-2008-0644 | Vulnerability Database | Aqua Security

Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism for applications via unspecified vectors related to the setEncoding function.

Affected Software

Name	Vendor	Start Version	End Version
Coldfusion	Adobe	7.0 (including)	7.0 (including)
Coldfusion	Adobe	7.0.1 (including)	7.0.1 (including)
Coldfusion	Adobe	7.0.2 (including)	7.0.2 (including)
Coldfusion	Adobe	8.0 (including)	8.0 (including)

References

http://secunia.com/advisories/29332
http://www.adobe.com/support/security/bulletins/apsb08-07.html
http://www.securityfocus.com/bid/28205
http://www.securitytracker.com/id?1019590
http://www.vupen.com/english/advisories/2008/0862/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41145
http://secunia.com/advisories/29332
http://www.adobe.com/support/security/bulletins/apsb08-07.html
http://www.securityfocus.com/bid/28205
http://www.securitytracker.com/id?1019590
http://www.vupen.com/english/advisories/2008/0862/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41145

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0644
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html