We use HP Fortify to audit our application. We get hundreds of "Javascript Hijacking: Vulnerable Framework" warnings with regard to the <asp:ScriptManager> block <asp:ScriptManager ID="ScriptManager1" runat="server"></asp:ScriptManager>.
A similar question was asked in the past by user kaganmurat but the answer given did not resolve the issue.
You should address your question to the vendors of HP Fortify. It is they who have determined that the tag should generate warnings in their tool. It has nothing to do with the ASP.NET framework.
None
0 Points
1 Post
Javascript Hijacking Vulnerable Framework
Apr 06, 2017 06:54 PM|quickdrawpm|LINK
Hi,
We use HP Fortify to audit our application. We get hundreds of "Javascript Hijacking: Vulnerable Framework" warnings with regard to the <asp:ScriptManager> block <asp:ScriptManager ID="ScriptManager1" runat="server"></asp:ScriptManager>.
A similar question was asked in the past by user kaganmurat but the answer given did not resolve the issue.
Any help would much appreciated.
Thank you.
</div>All-Star
194506 Points
28081 Posts
Moderator
Re: Javascript Hijacking Vulnerable Framework
Apr 07, 2017 07:22 AM|Mikesdotnetting|LINK
You should address your question to the vendors of HP Fortify. It is they who have determined that the tag should generate warnings in their tool. It has nothing to do with the ASP.NET framework.