Documentation detailing how vulnerabilities are determined
GoogleCodeExporter opened this issue · comments
Is it possible to add to documentation how Skipfish determines whether a
vulnerability exists.
While I love skipfish, it does seem to produce quite a few false positives.
Knowing the reasoning behind the report would make it easier.
Original issue reported on code.google.com by zenca...@googlemail.com on 8 Mar 2014 at 9:08