cfml

<https://www.securityweek.com/cisa-warns-of-exploited-adobe-coldfusion-windows-vulnerabilities/>

<https://www.cisa.gov/news-events/alerts/2024/12/16/cisa-adds-two-known-exploited-vulnerabilities-catalog>

That CVE was addressed in the September patches for 2021 and 2023.

For those looking at this -- it impacts modern versions of ACF if you have the CF Administrator open to the public.  Requires update 7 for 2023 or update 12 for 2021.

It needs to go unsaid, but run the lockdown wizard.  This vuln won't impact you if you do.