VCG generates a lot of results with the following message:
The application appears to use data contained in the
HttpServletRequest without validation or sanitisation.
No validator plug-ins were located in the application's
I was wondering which validator plugins are supported/detected.
Thanks in advance
It makes a fairly simple check for Struts validation in any XML files it encounters and also assumes some other type of validation is in place if any method called 'validate' is applied to input data.