Security enhancements in ColdFusion 10 let you reduce XSS and CSRF attack vulnerability. The enhancements also help you manage ColdFusion sessions effectively. The release also includes fixes that reduce other vulnerabilities.
XSS attack
CSRF attack
Session improvements
CRLF attack
Information disclosure
New HMAC method
cfcookie support in CFScript
Miscellaneous Changes
