OWASP ZAP reported “alert(1);” XSS vulnerability, but we could not get pop up in browser.
The html surrounding the injected attack is:
<script type="text/javascript"> DataSet.FilterBuilder.QueryValuesDictionary['57_ctl00'] = ;alert(1);;</script>
Aucun commentaire:
Enregistrer un commentaire