There are various threads on this and similar CFIDE vulnerabilities. Make sure you are at the latest patch/hotfix level. Also for your web facing sites, I always recommend pointing your "cfide" virtual directory to an empty directory and then adding a "scripts" virtual directory under it that points back to the original cfide/scripts location. This fixes most CFIDE vulnerabilities.
↧