Avatar of shariff_pasha

asked on 

Cross Site Scripting in Coldfusion

hi all
the testing people has scanned the application i.e.,,(machine test) and found  that The test successfully embedded a script in the response, and it will be executed once the page is
loaded in the user's browser. This means that the application is vulnerable to Cross-Site Scripting and they told us to Filter out hazardous characters from user input and iam unable to find a solution any help woul be kindly appreciated..
<form name="login" method="post" action="index.cfm?
lang=en&var1=0"></STYLE><STYLE>@import"javascript:alert(1214948) 1214948)";</STYLE>

Open in new window

Web ServersWeb Development SoftwareColdFusion Language

Avatar of undefined
Last Comment

8/22/2022 - Mon