The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to cross-site scripting vulnerability. A flaw is present in the cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web script or HTML.