No, this is done through HTTPS intercepting within BURP. It clearly modified the URL as there are no insertion points in our code for this URL. I believe the issue lies within the response from Salesforce as it seems to be returning an error regarding the SOQL query. When it returns the message, it also returned the script, which in turned caused alarm in BURP.
I don't know whether to call this a false positive as the script does nothing to execute this code in any way.
This looks a lot like automated XSS scanner query.
Do you have a contact named: 72aa<script>alert('a');</script>aab33?
Hi,
No, this is done through HTTPS intercepting within BURP. It clearly modified the URL as there are no insertion points in our code for this URL. I believe the issue lies within the response from Salesforce as it seems to be returning an error regarding the SOQL query. When it returns the message, it also returned the script, which in turned caused alarm in BURP.
I don't know whether to call this a false positive as the script does nothing to execute this code in any way.