Open Closed

LoggedOut Page XSS and SQL Injection Warnings from ZAP #3443

User avatar
0
jackmcelhinney created
  • ABP Framework version: v5.2.2
  • UI type: Angular w/ Authorization Code Flow
  • DB provider: EF Core
  • Identity Server Separated (Angular): no

After running the OWASP ZAP penetration test tool, the report shows 2 Cross Site Scripting (Reflected) warnings and 1 SQL Injection warning on the log-out page. These may be false warnings, but can these be resolved as this issue was?

Go to accepted answer
4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    We will check and fix this. Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Question Credits Refunded

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    I sent the changes to jack.xxx@xxxlarity.com.

  • User Avatar
    0
    jackmcelhinney created

    Received. Thanks!

Assignee
No one
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on July 17, 2025, 06:22