Pete Freitag Pete Freitag

Securing ColdFusion Applications - DevWeek 2021

Published on June 29, 2021
By Pete Freitag

It was great to be a speaker at the ColdFusion DevWeek event last week. I spoke on the topic Securing ColdFusion Applications.

As promised here are the slides, and the example code I used can be found here.

In this talk I thought it would be fun to come up with a list of the Top 10 Risks or Issues ColdFusion developers should be aware of. As with any security top ten list, there are more than 10 security issues to be aware of, so this is just a starting point.

  1. Old Code
  2. Failure to Delegate
  3. Security Configuration
  4. Various Injection Attacks
  5. XSS
  6. Authentication / Authorization
  7. Remote Code Execution
  8. SQL Injection
  9. File System Issues
  10. Unpatched Known Vulnerabilities

security presentations adobe

Securing ColdFusion Applications - DevWeek 2021 was first published on June 29, 2021.

If you like reading about security, presentations, or adobe then you might also like:


The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.

Try Fixinator

The weekly newsletter for the CFML Community