Open Closed

LoggedOut Page XSS and SQL Injection Warnings from ZAP #3443


User avatar
0
jackmcelhinney created
  • ABP Framework version: v5.2.2
  • UI type: Angular w/ Authorization Code Flow
  • DB provider: EF Core
  • Identity Server Separated (Angular): no

After running the OWASP ZAP penetration test tool, the report shows 2 Cross Site Scripting (Reflected) warnings and 1 SQL Injection warning on the log-out page. These may be false warnings, but can these be resolved as this issue was?


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    We will check and fix this. Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Question Credits Refunded

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    I sent the changes to jack.xxx@xxxlarity.com.

  • User Avatar
    0
    jackmcelhinney created

    Received. Thanks!

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11