Cross-site scripting security issue in Dreamweaver MX and Dreamweaver UltraDev server behaviors

(TechNote) There is a security issue with some of the server behaviors in Dreamweaver MX, Dreamweaver UltraDev 4, Dreamweaver UltraDev 1, and two extensions that shipped as part of the Developer’s Resource Kit (DRK), vol. 2 and vol. 4. If exploited, this issue makes it possible for an attacker to gain access to certain site-specific cookie and session information. (Ref. 146889)

Note: This security issue has been fixed in Dreamweaver MX 2004 and later versions.

Comments are closed.