The document discusses code review of a university's 17,394 ColdFusion source files developed by various skilled and unskilled developers. An initial review found issues like arbitrary file uploads, SQL injection in 29 apps, and XSS vulnerabilities in 33 apps. The review was conducted by recruiting cybersecurity students to examine the code. Most developers were willing to fix issues when notified. The university also implemented security training for developers and embedded automated code review tools to improve security going forward.