Hotfix for CF8 FCKeditor Vulnerability Released

July 08, 2009

Adobe has just released a security hotfix for the FCKeditor vulnerability in Coldfusion 8.

Also of Note, Adobe's Terry Ryan posted a blog entry today detailing How to report a ColdFusion Security Issue to Adobe.

Related Entries

1 person found this page useful, what do you think?


Just a head's up to anyone applying this one:
1) The .jar file comes down as a .zip file. Just change the extension

2) I downloaded this one locally, uploaded to the server, and then copied over into the CFIDE folder. After that, I got a server login bix whenever I tried to use cftextarea.

Turns out the cftextarea.js file had the FTP folder priviliages, and it required more privliages to work in the CFIDE folder. Once I set them up to match the other folder in that directory, it was fine again.
Hey, subtle must be your mildde name. Great post!

Recent Entries


did you hack my cf?