Both Lucee and Oracle have released security updates that may be needed
to be applied to your server.

Lucee has released a security patch “to fix an XSS vulnerability found
in the default error and debug templates”.
To update Lucee, simply run the updater from the Lucee Admin to version: (stable branch),
(development branch) or (beta).

You can read more about it at the following URL:

If you’re using Railo, you may want to upgrade to Lucee to take
advantage of these security updates.

Oracle has released a security update for Java:
This update addresses 25 vulnerabilities of which 5 have the potential
to be exploited in server side java deployments.
Oracle has released Java 8 update 65 to address these vulnerabilities,
they have also released Java 8 update 66 which includes both
the security fixes and some new bug fixes. You can find a listing of
bugs fixed in each update here:
If you have any questions, please submit a support request

Leave a Reply

Your email address will not be published. Required fields are marked *

ten − one =