Closed digininja closed 8 years ago
I updated the test... no reason it can't check for "> and be a real xss. I can't find any info on this catinfo XSS so the usefulness of the test is in question.
Regarding not being a vuln if it's a 302... I can't control the client side, so I'd report it to a client (maybe lower severity or mitigating factors, but I'd still report it!). We could argue that over a beer.
I was debating putting it in regardless, might add it.
On Wed, 3 Aug 2016, 04:43 sullo, notifications@github.com wrote:
I updated the test... no reason it can't check for "> and be a real xss. I can't find any info on this catinfo XSS so the usefulness of the test is in question.
Regarding not being a vuln if it's a 302... I can't control the client side, so I'd report it to a client (maybe lower severity or mitigating factors, but I'd still report it!). We could argue that over a beer.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/408#issuecomment-237127843, or mute the thread https://github.com/notifications/unsubscribe-auth/AAHJWVAK20-crbJezz_HVB2do5qJcdTUks5qcA5ugaJpZM4JbBf3 .
This is reported as XSS and while the querystring is echo'd back the response code is 302 so it won't trigger in most browsers. Need to add a response code check as well as content.