cfapplication

Forum|Forum|13 years ago
January 13, 2013
1 reply
348 views

This question was posted in response to the following article: http://help.adobe.com/en_US/ColdFusion/10.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7d69.html

This topic has been closed for replies.

S

skyflare21

Participant

The scriptProtect feature in CFML engines doesn't protect against using code like shown below to insert malicious code. You must still validate data submitted by users you don't trust.

onclick="javascript:doEvil();" or href="javascript:doEvil();"

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded