The host is installed with Adobe Coldfusion and is prone to multiple CRLF injection vulnerabilities. The flaws are present in the application 8.0 through 9.0.1 caused by improper validation of user-supplied input which will persuade a victim to click on a specially-crafted URL link containing CRLF character sequences. Successful exploitation allows remote attackers to inject arbitrary HTTP headers ...