Received CRITICAL report over night from the Magento Security Tool.
The malicious code signature(s) has been found on the page."
I've re-run the scan and get the same result each time.
I also struggled to get mwscan working by following the instructions on the Magento site as they appear to reference files that don't exist -- have there been changes to mwscan since the Magento instructions were written?
Is it possible that this is a false positive, as I've seen similar posts here indicating? Are there any other ways I should attempt to test in order to prove this? Thanks!
Also, sometimes you'll get a false positive too.
Maybe @msavich can help here or you can contact Magento Security Team regarding the security scan tool over support team or directly at firstname.lastname@example.org
To report a proven security vulnerability please submit it over BugCrowd project: https://bugcrowd.com/magento
Please send the email to email@example.com with your store URL and link to this thread.