cancel
Showing results for 
Search instead for 
Did you mean: 

Security Scan Tool, site is compromised with injected JavaScript false positive?

Re: Security Scan Tool, site is compromised with injected JavaScript false positive?

It appears the issue is happening again.  I am on 1.14.0.1.  The latest scan this past weekend states my site is compromised, but does not provide any filenames or information stating where the issue can be found.  Is this another false positive?

Re: Security Scan Tool, site is compromised with injected JavaScript false positive?

@msavich Yesterday security scan giving this issue

 

Your site is compromised with injected JavaScript.(127) The malicious code signature(s) has been found in resources:
https://www.googleadservices.com/pagead/conversion_async.js

 

Magento version 1.9.2.4

Is this false positive?

if not How can i solve it?

Re: Security Scan Tool, site is compromised with injected JavaScript false positive?

Hi @Neha Dudhat

 

You should try to run the scan again.

 

As per my information there was some issue with the scanner. (I come to know about this from some other channel, other than community forums)

It was showing https://www.googleadservices.com/pagead/conversion_async.js vulnerable.

 

Magento team was informed by Piotr Kaminski to fix it.

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Re: Security Scan Tool, site is compromised with injected JavaScript false positive?

False positive with googleadservices is confirmed and fixed.

Please re-run the scan to check.