Details
Alert Id 30002
Alert Type Active Scan Rule
Status release
Risk Medium
CWE 134
WASC 6

Summary

A Format String error occurs when the submitted data of an input string is evaluated as a command by the application.

Solution

Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.

References

Code

org/zaproxy/zap/extension/ascanrules/FormatStringScanRule.java