<< Online ColdFusion Meetup public

public

Discussion Area

ask questions, discuss topics, solve problems

This is a public Discussion Area

Thread

cross site scripting in coldfusion
Thread posted Mar 23 by shariff4466
386 Views, 0 Comments
Title:
cross site scripting in coldfusion
Content:
hi all
the testing people has scanned the application i.e.,,(machine test) and found that The test successfully embedded a script in the response, and it will be executed once the page is
loaded in the user's browser. This means that the application is vulnerable to Cross-Site Scripting and they told us to Filter out hazardous characters from user input and iam unable to find a solution any help woul be kindly appreciated..
Code Snippet:
<form name="login" method="post" action="index.cfm? lang=en&var1=0"></STYLE><STYLE>@import"javascript:alert(1214948) 1214948)";</STYLE> &CustNo=|&Page=5&index=true">
- Be the first to rate this Post
  |
  Sign in to rate this Post