Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
External JavaScript alerts
#1
We migrated one of our project from 14 to 15 two months back, done a quarterly audit last week and  there is one vulnerability -  Suspicious Change -    Found External JavaScript alerts


Detail:
We detected suspicious change in the code.The URL header may be changed by an external entity. If this change is authentic then you can neutralize it.

the only change what we done is IW14 it was running as Standlaone exe, in IW15 it is running as a standalone service.

Here I am attaching the details. What could be the issue please? Please advise


Attached Files
.docx   Alerts.docx (Size: 15.15 KB / Downloads: 11)
Reply
#2
Hi Pramod,

I'll have a look and let you know ASAP. But at first it looks like a false positive...

Cheers
Reply
#3
(07-19-2021, 07:40 AM)Alexandre Machado Wrote: Hi Pramod,

I'll have a look and let you know ASAP. But at first it looks like a false positive...

Cheers

Sorry Alex as client asking for immediate fix , did you get a chance to look on it please?
Reply
#4
What program is producing this alert?
Reply
#5
(07-22-2021, 03:43 PM)kudzu Wrote: What program is producing this alert?

Sorry didnt get what you meant
Reply
#6
Where is this report generated from?
Reply
#7
I've already responded via e-mail, yesterday.

The point is that seems that the auditors don't like self-modifying code, but this is a legit case. From their report:

"The URL header may be changed by an external entity. If this change is authentic then you can neutralize it."

yes, it is authentic. There is nothing wrong going on and they would know by code inspection.
Reply
#8
(07-24-2021, 11:32 PM)Alexandre Machado Wrote: I've already responded via e-mail, yesterday.

The point is that seems that the auditors don't like self-modifying code, but this is a legit case. From their report:

"The URL header may be changed by an external entity. If this change is authentic then you can neutralize it."

yes, it is authentic. There is nothing wrong going on and they would know by code inspection.

Thanks a lot for the update Alex.

PS: I didn't get your email.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)