Greetings: I need some examples of insecure CF to use as test bed against Fortify. I want to verify that the Fortify rule pack will flag offending code that allows SQL Injections and Cross-site scripting, etc. I could sit down and write a bunch of insecure code examples - but I'm hoping I can grab some from the web. (Not to mention there are more attacks than I can think of!)
Sincerely, Brooks ADS develops & supports effiective, efficient and secure software solutions ------------------------------------------------------------------------------ Federal Reserve Bank of Atlanta ∙ Application Delivery Services 1000 Peachtree Street NE ∙ Atlanta,Georgia ∙ 30309-4470 ( 404-498-8178
