I've been writing a portal system for my site and someone has warned me that my site is vulnerable because forms not on my site could send my scripts info. I was wondering if anyone versed in cgi security could tell me what kind of attacks I am risking by not checking the source of a POST.
To me, this doesn't seem like a problem but does people making their own forms and passing my scripts extra get or post variables particularly present a problem
