CVE-2017-11286

Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.

Date published : 2017-12-01

http://www.securityfocus.com/bid/100715

https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html