CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild.

Adobe released security patches for vulnerabilities in its ColdFusion, After Effects and Digital Editions applications. If exploited, the flaws could enable attackers to view sensitive data, gain ...

A cyber-espionage group appears to have reverse engineered an Adobe security patch and is currently going after unpatched ColdFusion servers.

Though ColdFusion has long had a free developer edition, production licenses for the latest ColdFusion 8 cost $1,299 for the standard edition and $7,500 for the enterprise edition.

Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers.

Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability.

Adobe Systems delivers a beta release of the ColdFusion 2 integrated development environment for creating ColdFusion applications.