Documentation detailing how vulnerabilities are determined

Question

Documentation detailing how vulnerabilities are determined

Opened this issue 9 years ago · 0 comments

GoogleCodeExporter commented 9 years ago

Is it possible to add to documentation how Skipfish determines whether a 
vulnerability exists.

While I love skipfish, it does seem to produce quite a few false positives. 
Knowing the reasoning behind the report would make it easier.

Original issue reported on code.google.com by zenca...@googlemail.com on 8 Mar 2014 at 9:08