CyberRota
← Ana sayfaya dön

CVE-2026-48307

HIGH · CVSS 8.8 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-30T16:16:54.987 · Çekilme zamanı: 2026-06-30T18:38:04.923235+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit arbitrary code execution code execution

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48307
Severity
HIGH
CVSS
8.8
EPSS
Yok

Orijinal NVD Açıklaması

ColdFusion versions 2025.9, 2023.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious link. Scope is changed.