I have did app scan on a ASP.Net Application developed with Telerik Controls,
I received following vulnerabilities related to telerik Controls
1. Catchable SSL Page Found
3.Query parameter in SSL Request
As per our Security feedback , these issues should be rectified, I had already explained that these are just assemblies which doesnt do any database operation and can be treated as false positive. But they suggested to refer Australian Cyber Security Centre report on Advisory: Vulnerable versions of Telerik
UI being actively exploited by APT actor.
Please support in order to resolve the issue.