0

The AWSALBCORS cookie appears to be vulnerable to SQL injection attacks. The payloads ' and 5921=5921-- and ' and 9859=9867-- were each submitted in the AWSALBCORS cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

The vulnerability occurred when scanning dot net web api project

enter image description here

enter image description here

Afis
  • 32
  • 1
  • 5
  • "These two requests resulted in different responses" - what exactly was the difference between the responses? – Dai Jul 10 '20 at 19:19
  • What vulnerability report is this? Is this **your** cookie? Are you using its values in a database query in your application code? What makes you think it's an actual SQL injection - consider that it could be SQL injection *mitigation* code that blocks cookies containing suspicious strings. – Dai Jul 10 '20 at 19:20
  • Thanks @Dai, the vulnerability is scan report of the application by burp suite, I had updated the detail by providing the screen shot from the scan – Afis Jul 10 '20 at 21:47
  • You need to go through your project’s source-code and see why it’s handling the two requests differently. This isn’t anything we can help you with, especially as you haven’t posted any source-code. – Dai Jul 10 '20 at 22:23
  • Thanks @Dai, I posted the question here after goring through the project's source code and could not see any SQL injection. The result is false positive, the request by the burp suite during scan is actually to mvc api documentation url and not actual Api url. The GET is to mcv api documentation from the screen attached. – Afis Jul 13 '20 at 20:16

0 Answers0