Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip
Adobe has released security updates for its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app.
The company published hotfixes for ColdFusion versions 11 and 10, namely ColdFusion 11 Update 7 and ColdFusion 10 Update 18. Both updates address two input validation issues that could be exploited to execute cross-site scripting (XSS) attacks.
In addition, the hotfixes include an updated version of BlazeDS, a Java messaging protocol for rich Internet applications, that resolves an important server-side request- forgery vulnerability.