The host is installed with Adobe ColdFusion 8.0, 8.0.1 or 9.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application due to an error in the Administrator page. Successful exploitation allows remote attackers to inject arbitrary web script or HTML via unknown vectors.