Adobe Issues Out-of-Band Security Bulletin for Critical ColdFusion Vulnerability (CVE-2019-7816)
by Satnam Narang on March 1, 2019
Adobe Security Bulletin APSB19-14 addresses a file upload restriction bypass vulnerability that has been exploited in the wild.
Background
On March 1, Adobe published APSB19-14, an out-of-band security bulletin to address a critical vulnerability in Adobe ColdFusion. Affected versions include ColdFusion 2018 Update 2 and earlier, ColdFusion 2016 Update 9 and earlier, and ColdFusion 11 Update 17 and earlier.