[Openvas-discuss] [Web Server Cross Site Scripting] False Positive ?
michael.meyer at greenbone.net
Mon Aug 8 09:25:32 CEST 2011
*** Thibaut PIRONNEAU <thibaut.pironneau at clermont-universite.fr> wrote:
> I have many web servers.
Which webservers you have running? Apache, IIs, ...
> To believe OpenVAS, 3 of them are sensitive to
> xss attack (Web Server Cross Site Scripting - OID:
> So I watched the NASL script and I tried to redo what the script does,
> but nothing appends on my servers. I just have the error page of my web
The Report should contain a "Sample url". Did you test with that
"Sample url"? What is the "Sample url"? Could you send me (maybe
offlist) the response body of the request to the "Sample url"?
Michael Meyer OpenPGP Key: 52A6EFA6
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
More information about the Openvas-discuss