SQL Injection flagged when 403 Forbidden
huisheng
W/ Alumni Posts: 3 Security Scout
- Hi, I'm scanning a site with F-Secure Radar.
- It keep flagging SQL Injection High even though the response is: HTTP/1.1 403 Forbidden (our apps detect invalid input and response 403)
- Here is a video showing what I meant:
- We have two same apps in two different servers.
- However, only one of the server is having this issue.
- Is there something we set wrongly for the scan?
Thanks.
0
Answers
-
Please note the URL we use to scan is locked down to our IP.
Not sure if this will impact the scanning and produce false positive?
0 -
Hi huisheng,
I suggest to submit a support request so we can investigate further with our product team
0 -
Hi James, how do I submit a support request?
Is there an email?
Thanks.
0 -
Hi huisheng
Please fill in the form here - https://www.f-secure.com/en/business/support-and-downloads/support-request
1
This discussion has been closed.