Skip to main content
B
brado70491931
Participant
November 29, 2024
Question

The path [cf]\cfusion\wwwroot\cf_scripts\scripts\ajax\ckeditor detected as vulnerable.

  • November 29, 2024
  • 2 replies
  • 447 views

[cf]\cfusion\wwwroot\cf_scripts\scripts\ajax\ckeditor

Our internal vulnerabity scan refers to the above folder (ckeditor) in the ColdFusion 2021 installation path as vulnerable which is also mapped to the webiste as a virutual directory. How can we fix this issue and pass the vulnerability test.

    This topic has been closed for replies.

    2 replies

    Priyank Shrivastava.
    Community Manager
    Priyank Shrivastava.Community Manager
    Community Manager
    December 2, 2024

    Hi @brado70491931  As @BKBK  mentioned, please check what update level your ColdFusion is on, if it is not the latest update, please update the server to the latest one which is Update 17. https://helpx.adobe.com/in/coldfusion/kb/coldfusion-2021-update-17.html  

     

    So far we have not yet received any issues from any scanner which is flagging this directory.

    Thanks, Priyank Shrivastava
    B
    brado70491931Author
    Participant
    December 9, 2024

    We are on update 15 of Coldfusion 2021.

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    November 30, 2024

    What is your ColdFusion 2021's update level? I ask because recent ColdFusion 2021 hotfixes, such as Update 13, contain hotfixes for CKEditor.

     

    You should, in any case, update ColdFusion 2021 to the latest level, which is 17. Then see what your vulnerability scan says.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices