Open Closed

Security Vulnerabilities #10361


0
sanjayeig created

Prerequisites

Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

  • What is your product version? v9.0.0
  • What is your product type (Angular or MVC)? Angular
  • What is product framework type (.net framework or .net core)? .net core

My team has built our site based off of ASP.NET Zero and we're currently going through a security audit. A static code analyzer has found a number of vulnerabilities in the base code. What is the best way to handle this? My concern is if my team modifies the base code then we will run into problems when we want to upgrade. Does ASP.NET Zero run static code analyzers? Are these known vulnerabilities that have been mitigated? Any help with this would be greatly appreciated. Thanks.


1 Answer(s)
  • 0
    ismcagdas created
    Support Team

    Hi @sanjayeig

    Yes, we run OWASP ZAP tool on AspNet Zero. Could you send your findings to info@aspnetzero.com so we can take a look and make suggestions to you.