Recently the security firm Procheckup performed a security scan on BlogCFC. This was for a customer of theirs but they gladly shared the issues they found. This was rather nice of them so I'd like to thank them. They not only sent me a very detailed list of the issues (XSS issues), but also worked to help me verify they were fixed. Grab the latest bits from RIAForge: http://blogcfc.riaforge.org
Important BlogCFC update - thanks to ProCheckup
Archived Comments
Have you ever looked at Portcullis? (http://portcullis.riaforge..... It's a SQL injection and XSS filter. I use it and it seems to work pretty well. Filters all form, url, and cookie variables.
No, I've not. I tend to prefer to do things more obviously - directly on the page. Of course, it leads to mistakes like those corrected by Procheckup.
Hey Raymond, what if I want to update those specific files? I have my BlogCFC customized.
Check the readme.txt file. It always details exactly what files changed in what release.