Articles with tag: security
We use Dailyrazor as our web host. Over the past couple of days our CFM forms have been acting strange. Every time a form is submitted it now has a JS header forwarding the browser to a site in Japan. None of the form is processed. Our host was hacke...
Securing the ColdFusion 2025 Administrator is essential to protect sensitive data and ensure safe communication. One of the best ways to achieve this is by enabling SSL (Secure Sockets Layer), which encrypts traffic. ColdFusion 2025 offers three met...
OAuth 2.0 is the industry-standard protocol for authorization, designed to simplify client development while offering specific authorization flows for applications. By integrating OAuth through providers, developers can decouple the authorization as ...
Key Takeaways from Summit Presentation • Hashing = Integrity, specifically for passwords. If available, use the SCrypt (preferred) or BCrypt algorithms for password hashing and storage. Otherwise, use SHA-512 with 600,000 iterations or more and add a u...
We have released critical security updates for ColdFusion (2023 release) and ColdFusion (2021 release). Adobe is aware that CVE-2024-53961 has a known proof-of-concept that could cause an arbitrary file system read. View the security bulletin, APSB2...
We are pleased to announce that we have released general updates to ColdFusion (2023 release) Update 11 and ColdFusion (2021 release) Update 17. The updates include bug fixes and enhancements in Administrator, Language, CFSetup, Database, and other a...
We are pleased to announce that we have released general updates to ColdFusion (2023 release) Update 10 and ColdFusion (2021 release) Update 16. The updates resolve a critical vulnerability that could lead to the deserialization of untrusted data. Fo...
[Updated: 8/30/24, correcting typographic quotes in code that caused compilation errors. Also removed double-spacing, added new excerpt, and revised title] I know that some sites still use old versions of ColdFusion, for example, ColdFusion 9. Howeve...
Does ColdFusion support SID history for Active Directory authentication? We are moving from an old domain to a new domain and the new domain has bidirectional trust configured. Has anyone dealt with this before?
We are pleased to announce that we have released general updates to ColdFusion (2023 release) Update 9 and ColdFusion (2021 release) Update 15. We’ve upgraded Tomcat from version 9.0.85 to version 9.0.93 for both versions. Where do I download the upd...
Working on setting up SSO for ColdFusion 2021 in a ColdFusion cluster environment. Where do I find the default Signing Keystore Password? Any information would be greatly appreciated.
We are pleased to announce that we have released security updates to ColdFusion (2023 release) Update 8 and ColdFusion (2021 release) Update 14. This update includes several security fixes to ensure the safety and security of our systems. These change...
ColdFusion (2023 release) Update 7 and ColdFusion (2021 release) Update 13 (release date, March 12, 2024) addresses vulnerabilities mentioned in the security bulletin and fixes other security issues. This update also contains a Tomcat upgrade (v9.0....
Ensuring the security of your ColdFusion environment is crucial, and by adhering to simple rules, you can significantly enhance its robustness. Here are some key practices to follow: Use Supported Versions: Always make sure to use a ColdFusion version...
ColdFusion (2023 release) Update 6 and ColdFusion (2021 release) Update 12 (release date, November 14, 2023) address vulnerabilities that are mentioned in the security bulletin, APSB23-52. These updates resolve critical vulnerabilities that could lea...