The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors.
The vulnerability (CVE-2023-26360) allows for arbitrary code execution and affects ColdFusion 2018 and ColdFusion 2021 versions. [ more ]