From 715224a603f32a60ef5d6b606db30b298bd06f4f Mon Sep 17 00:00:00 2001 From: Luis Majano Date: Mon, 22 Apr 2024 10:32:40 +0200 Subject: [PATCH] COLDBOX-1278 #resolve Remove unsafe evaluate function usage --- system/core/dynamic/MixerUtil.cfc | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/system/core/dynamic/MixerUtil.cfc b/system/core/dynamic/MixerUtil.cfc index cc792dcc4..75b830897 100644 --- a/system/core/dynamic/MixerUtil.cfc +++ b/system/core/dynamic/MixerUtil.cfc @@ -161,7 +161,16 @@ component { * Removes a method in a CFC */ function removePropertyMixin( required propertyName, scope = "variables" ){ - structDelete( evaluate( arguments.scope ), arguments.propertyName ); + switch( arguments.scope ){ + case "variables": + return structDelete( variables, arguments.propertyName ); + break; + case "this": + structDelete( this, arguments.propertyName ); + break; + default: + throw( "Invalid scope" ); + } return this; }