The file acwmain.js withing the package Aspose.Cells.20.5.0\acw_client and below versions that we have are all being flagged by Static Scan for Open redirect vulnerability on function call gridajaxcall at line 368.
Kindly help with your comments and resolutions.
@vinayakbaddi6,
We need to investigate this issue and have logged it in our database for further analysis. You will be updated here once any feedback is ready to share.
This issue is logged as:
CELLSNET-47518-Flag raised by Static Scan for Open redirect vulnerability
Please try this scenario with the latest version 20.7 and share if same flag is raised or not.
We evaluated your issue further and found it is not an issue. Please note, Aspose.Cells.GridWeb needs to do ajaxcall update from its basic server side page. The url is always the .aspx page, so it is not vulnerable.