veracode scanning CI - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: General (https://forum.codeigniter.com/forumdisplay.php?fid=1) +--- Forum: Lounge (https://forum.codeigniter.com/forumdisplay.php?fid=3) +--- Thread: veracode scanning CI (/showthread.php?tid=68134) |
veracode scanning CI - ciadvantage - 05-30-2017 Presently my company signed up with this guy and scan to code project which I have developed based on CI 2.2.x ( I knew CI 3.1.4 is out a while but still migrating to it now as I have lot of changes to suit 3.1.4) and the vulnerables were 250 Code: 250 and this is inĀ system/core/CodeIgniter.php And the stated flaw is it is subject to remote file inclusion vulnerability! I am kinda wonderouse if we have any defense for this and if someone knows please advise! Many thanks RE: veracode scanning CI - Narf - 05-30-2017 It's a false-positive. RE: veracode scanning CI - ciadvantage - 05-31-2017 (05-30-2017, 02:53 PM)Narf Wrote: It's a false-positive. thanks Narf |