SQL Injection flagged when 403 Forbidden
- Hi, I'm scanning a site with F-Secure Radar.
- It keep flagging SQL Injection High even though the response is: HTTP/1.1 403 Forbidden (our apps detect invalid input and response 403)
- Here is a video showing what I meant:
- We have two same apps in two different servers.
- However, only one of the server is having this issue.
- Is there something we set wrongly for the scan?
Please note the URL we use to scan is locked down to our IP.
Not sure if this will impact the scanning and produce false positive?0
I suggest to submit a support request so we can investigate further with our product team0
Hi James, how do I submit a support request?
Is there an email?
Please fill in the form here - https://www.f-secure.com/en/business/support-and-downloads/support-request1
This discussion has been closed.