APAR status
Closed as Permanent restriction.
Error description
In AppScan Standard Edition 8.0, the testing of some AMF based Parameters (for Flash/Flex based applications) is difficult to verify for the existance of a vulnerability. These tests include Cross-site Scripting, Blind SQL Injection and Link Injection.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: * **************************************************************** In AppScan Standard Edition 8.0, the testing of some AMF based Parameters (for Flash/Flex based applications) is difficult to verify for the existance of a vulnerability. These tests include Cross-site Scripting, Blind SQL Injection and Link Injection.
Problem conclusion
This is the current design of the Flash browsing, please open an enhancement request if you wish to modify this behavior.
Temporary fix
Comments
APAR Information
APAR number
PM28837
Reported component name
RATL APPSCAN ST
Reported component ID
5724T5900
Reported release
800
Status
CLOSED PRS
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-12-13
Closed date
2011-01-04
Last modified date
2011-01-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":null,"label":null},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0","Edition":"","Line of Business":{"code":null,"label":null}}]
Document Information
Modified date:
08 September 2020