Adobe ColdFusion Unauthenticated Arbitrary File Read

Splunk Security Content

Summary
This detection rule identifies attempts to exploit CVE-2023-26360, an Adobe ColdFusion vulnerability that permits unauthenticated access to arbitrary files. The rule monitors requests to the ColdFusion path "/cf_scripts/scripts/ajax/ckeditor/*" using the Web datamodel, filtering web traffic by user-agent and HTTP status. The vulnerability has a CVSS score of 9.8, so this rule is critical for detecting potentially malicious activity that could lead to unauthorized access and data breaches. False positives may occur from legitimate web traffic, so matches need contextual evaluation before action is taken. The rule requires the Web datamodel to be correctly populated from supported technology add-ons.
Categories
  • Web
  • Network
Data Sources
  • Web Credential
  • Network Traffic
ATT&CK Techniques
  • T1190
Created: 2024-11-15
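The matching described in the Summary, sketched as an added example over web access logs (this is not the Splunk rule's own search). The Combined Log Format input, the path normalisation step, and the sample lines and file names are assumptions constructed for illustration.

```python
import posixpath
import re
from collections import Counter
from urllib.parse import unquote, urlsplit

# Path from the rule summary; the trailing * wildcard becomes a prefix match.
CKEDITOR_PREFIX = "/cf_scripts/scripts/ajax/ckeditor/"

# Combined Log Format (assumed input; the rule itself reads the Web datamodel).
LOG_RE = re.compile(
    r'(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def normalise_path(url):
    """Percent-decode once, collapse dot segments and lower-case the path
    (assumed normalisation, so encoded or mixed-case requests still match)."""
    path = unquote(urlsplit(url).path)
    norm = posixpath.normpath(path).lower()
    return norm + "/" if path.endswith("/") and norm != "/" else norm

def detect(lines):
    """Count requests under the ckeditor path by (src, user-agent, status, path)."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = normalise_path(m["url"])
        if path.startswith(CKEDITOR_PREFIX):
            hits[(m["src"], m["ua"], int(m["status"]), path)] += 1
    return hits

# Constructed sample lines; addresses come from documentation ranges.
SAMPLE = [
    '203.0.113.7 - - [15/Nov/2024:10:00:01 +0000] "POST /cf_scripts/scripts/ajax/ckeditor/sample.cfc HTTP/1.1" 200 512 "-" "curl/8.4.0"',
    '203.0.113.7 - - [15/Nov/2024:10:00:02 +0000] "POST /CF_Scripts/scripts/ajax/%63keditor/sample.cfc HTTP/1.1" 200 512 "-" "curl/8.4.0"',
    '198.51.100.20 - - [15/Nov/2024:10:05:00 +0000] "GET /cf_scripts/scripts/ajax/ckeditor/ckeditor.js HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [15/Nov/2024:10:05:01 +0000] "GET /index.cfm HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for key, count in detect(SAMPLE).items():
        print(count, key)
```

The third sample line is an ordinary browser fetch of an editor asset, which is the kind of legitimate traffic the Summary warns will also match.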