Ian Buzer wrote: > > It looks like someone's trying to test to see if the form is vulnerable to > having headers injected into it. In fact, on one of the attempts, he did > manage to override the subject of the email. > > Does anyone know if cfmail is vulnerable to this kind of thing?
Not to this specific one, but you do keep up with your patched, don't you? http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:232861 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
