Closed giper45 closed 1 year ago
By looking at the vulnerability better, it seems that, even if all the parameters are not present, the vulnerable one is present (it is triggered when you change the parameter name instead of the value!). Thank you anyway.
@giper45 - yes, that's the correct. The crawler crawls all the relevant parameters, but not necessarily all the parameters supported by the UI.
I seen that
BenchmarkTest00037
contains the following parameters:but the form also contains another parameter (where
bar
is inserted):HTML code:
Was this intended? The change should be applied to
data/benchmark-crawler-http.xml
file