Hi,

Syntribos run shows following failures, can someone help with their impact on system and method to remediate them.

Syntribos test case failures include:

1. The difference in length between the response to the baseline request and the request returned when sending an attack string exceeds 1000.0 percent, which could indicate a vulnerability to injection attacks.
2. This request returns an error with status code 500, which might indicate some server-side fault that may lead to further vulnerabilities.
3. The string(s): '['<script>alert(document.cookie);</script>']', known to be commonly returned after a successful XSS attack, have been found in the response. This could indicate a vulnerability to XSS attacks.
4. The string(s): '[\"
5. The string(s): '[\"</script><script>alert('XSS');</script>\"]', known to be commonly returned after a successful XSS attack, have been found in the response. This could indicate a vulnerability to XSS attacks.
6. The string(s): '[\"<style>@import'http://xss.rocks/xss.css';</style>\"]', known to be commonly returned after a successful XSS attack, have been found in the response. This could indicate a vulnerability to XSS attacks.

Regards Shri Prakash