Back to directory
WRITEUP #967

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Logic BugBroken Access ControlLogic flawSecurity code reviewColdFusion
by@stephenfewer(Stephen Fewer)
Program
Adobe
Published
Jul 11, 2023
Added to HackDex
Jul 12, 2023
Read Full Writeuphttps://www.rapid7.com/blog/post/2023/07/11/cve-2023-29298-adobe-coldfusion-access-control-bypass/
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
Hacking Moodle Apps Via External Functions
OtherBroken Access Control
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload

Built with ❤️ by Shubham Rawat