Pete Freitag pointed out an old RSS bug in BlogCFC. If HTML is contained in the entity, it is correctly escaped, but the Short version of the RSS feed will truncate the HTML midtag (or MAY truncate it). I'm in Boston so I don't access to my source, but it is an incredibly easy fix.
In BlogCFC, line 502, change:
(FYI, I added line breaks to make it a bit more readable.)
<cfif arguments.mode is"short"
and len(body) gte arguments.excerpt>#xmlFormat(left(body,arguments.excerpt))#...
<cfelse>#xmlFormat(body)#</cfif>
<cfif len(morebody)> [More]</cfif></description>
to
and len(REReplaceNoCase(body,"<[^>]*>","","ALL")) gte arguments.excerpt>
#xmlFormat(left(REReplaceNoCase(body,"<[^>]*>","","ALL"),
arguments.excerpt))#...
<cfelse>#xmlFormat(body)#</cfif><cfif len(morebody)> [More]</cfif></description>
All I did was replace 'body' with a regex from cflib. Note that a better solution would be to store the result of the regex on the first call so we don't have to run it again, but for only 2 uses, I don't feel too bad about it.
Also note that this won't stop escaped html. So, as you can see the sentence before this one, I have real HTML - the italics. Above that is escaped HTML in code. This won't stop escaped HTML being truncated, but will stop real HTML. If that makes sense.
So - this will be pushed into source next week. I also detected a bug where an error in RSS generation will cause an infinite loop in rss.cfm. I'll fix that as well.