It's really hard to say as there's very little information present, and the answer depends very much on what software (and version) is being run, as well as what your applications are doing. Can you provide some additional context? Suggested information: Product being used and it's version What is your application? Is it commercial/off-the-shelf or home written? What language & framework is it using? Are there any particular CVE's or vulnerabilities (such as might come up with scanning software or through OSWAP top-10 list ) that are triggering this query? Thanks

Apache HTTPD And Apache Tomcat

It is possible to inject text into a request to the application such that a user might be fooled into taking detrimental action

wily_wasalerts posted Jul 31, 2020 10:33 PM

Daniel Mikusa posted Aug 03, 2020 02:33 PM

It's really hard to say as there's very little information present, and the answer depends very much on what software (and version) is being run, as well as what your applications are doing. Can you provide some additional context?

Suggested information:

Product being used and it's version
What is your application? Is it commercial/off-the-shelf or home written? What language & framework is it using?
Are there any particular CVE's or vulnerabilities (such as might come up with scanning software or through OSWAP top-10 list) that are triggering this query?

Thanks