@65
Created March 10, 2012 17:51
Cross Site Scripting (CSS/XSS) Gotcha when using cfform
<form action="/this/folder/path/index.cfm?SumNum=1594481679" name="thisform" method="post">

/this/folder/path/index.cfm?SumNum="</div>
<script>alert('document.cookie')</script>

/this/folder/path/index.cfm?SumNum=1594481679

<cfform name="thisform" method="post">
<cfinput ...... />
</cfform>