SQL Injection flagged when 403 Forbidden

  1. Hi, I'm scanning a site with F-Secure Radar.
  2. It keep flagging SQL Injection High even though the response is: HTTP/1.1 403 Forbidden (our apps detect invalid input and response 403)
  3. Here is a video showing what I meant:

  1. We have two same apps in two different servers.
  2. However, only one of the server is having this issue.
  3. Is there something we set wrongly for the scan?



This discussion has been closed.