Content Management
 » 
House of Fusion
 » 
Cold Fusion - Technical

 « Return to Thread: New CF8 vulnerability

Re: New CF8 vulnerability

by Ian Skinner-3 :: Rate this Message:

Reply to Author | View in Thread


Brian McCairn wrote:
> what if you want to do file upload with fckeditor?

The recommendation seems to be to install the latest version of
fckeditor independently of the built in ColdFusion edition and to make
sure that it resides and works within properly sandboxed portions of you
system so that permission escalation is much harder to accomplish.



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324198
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.4

 « Return to Thread: New CF8 vulnerability

Free embeddable forum powered by Nabble Forum Help