Anyone on CF 2021 that hasn't yet applied update 20 - if you ever pass more arguments to a function that you explicitly declare with your cfargument - watch out for this: https://stackoverflow.com/questions/79634267/how-to-fix-function-functionname-does-not-support-argumentname-as-an-argumen

It's in the release notes too.

Yes it's a ridiculous change claiming to make your code more secure. However it is not. It's protecting badly scoped code that I am sure had an issue with scope hunting.

I’ve reflected on it a bit and now see it’s only on remote fn’s so I guess if one had an unscoped var in an fn that sometimes is there and sometimes isn’t then an attacker could provide their own val for that var. however I don’t think unscoped vars are allowed in fns ever now are they. Anyway I feel like this is a breaking change that could have done with being highlighted more in the update notes

A change that interferes with dynamic programming, and breaks lots of code. Would have been better to fix the CF internals, if that was possible, which, probably.