I am wondering if there are any security risks with submitting a form entered search and the <cfsearch tag? Currently I'm filtering to allow only alphanumeric characters plus one or two others, but presumably if characters such as angle brackets < > have special meaning to the search engine it is not possible to inject malicious code?
Any help with this and guidance as to where there is a concise explanation of Verity search criteria with examples would be most welcome.
Thanks