11/13/2013 07:29 AM EST
Original release date: November 13, 2013
Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh and Linux to address multiple vulnerabilities. This hotfix addresses a reflected cross site scripting vulnerability (CVE-2013-5326) that could be exploited by a remote, authenticated user and a vulnerability (CVE-2013-5328) that could permit unauthorized remote read access.
Users and administrators need to review Adobe Security Advisory APSB13-27 and follow best practice security policies to determine if their organization is affected and the appropriate response.