CVE-2009-3467
Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Date published : 2010-05-13
http://www.adobe.com/support/security/bulletins/apsb10-11.html