-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
False Positive -- SQL Injection #8382
Comments
Please, include the version of the add-ons (at least scan rules), that's important. |
Where can this be found? |
If you use the issue templates that we setup it gathers the details the team wants and provides info on getting version details, etc |
I am coming from https://www.zaproxy.org/faq/how-do-i-handle-a-false-positive/ which opens a blank issue, so I guess that needs to be updated. As for add-on version so following might help: ZAP Installed Add-ons: [[id=accessControl, version=9.0.0], Operating System: Mac OS X |
Thanks! Yup it does. I'll tackle that. |
Here's the URL the ZAP is testing for SQLi
and the response contains 302 to login page because the session expired.
Tested this URL after authenticating as well, no chance of SQLi.
The text was updated successfully, but these errors were encountered: