I have run Zap scanning tool on my Grafana Project. we are using grafana 6.7.3 version.
Zap has reported Format String Error alert of medium severity. Below is detail of Alert -
Medium (Medium) | Format String Error |
---|---|
Description | A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. |
URL | http://<IpAddress>/api/admin/users |
Method | POST |
Parameter | password |
Attack | ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s |
Could you please let me know the resolution for the same.
Regards,
Abhimanyu