Open Jennifer0099 opened 5 years ago
and another problem is that it seems the log file is not right because compare to the log file of the API application, the request seems got a status code 404
and when i test using an invalid URL i still can got the report like this: but in the past, it will always show in progress but not completed
and is I choose method post, every time when I refresh the page it will change to DEL
and this kind of SQL injection vulnerability can't be test out and rate limit
in the past, when I test the tiredful API, it can show broken authentication error, and I guess it is because, that endpoint doesn't need to be authenticated, but Astra test this vulnerability by removing the authentication header and send the request again. is this feature is closed now?