andrew-security | Stripe Developers | Page 1

cyan zephyr Aug 1, 2022, 9:41 PM

#

Hello

#

it's for our own Risk team. Not sure how that could be a vulnerability, it's the same as loading that URL in a browser

vast orchid Aug 1, 2022, 9:43 PM

#

Hi, I've determined that the vulnerability they detected poses no actual risk as it's sent from Stripe's end.

#

However I just wanted some clarity on the purpose of the request so I can label it as a false positive with a reason.

cyan zephyr Aug 1, 2022, 9:44 PM

#

I mean again it's the same as loading your website 😅

#

but ultimately it's for our own processes, we look at your domain, make sure it's active/valid and cache what is on that page

vast orchid Aug 1, 2022, 9:45 PM

#

Ok great, thanks so much

#andrew-security