Friday, 23 June 2006by
Adrian Pastor
Coldfusion debug mode vulnerable to XSS and HTML injection attacks
Coldfusion's debug mode, when enabled via appending "mode=debug" to URLs, is vulnerable to XSS and HTML injection attacks, a risk not widely report ....