Threat priority

  • Resolved prokops

    (@prokops)


    1 year, 1 month ago

    Hello!

    I have a situation where a site is infected with malware.

    The scanner returns two results a “high” and a “critical”

    https://paste.pics/Q9TQV (edited for clarity)

    The “critical” issue is a reported vulnerability in a widely used plugin. This poses a risk of getting malware or hacked.

    The “high” issue is an system file, modified with a malware script that loads in a third party hostile javascript.

    Why is the risk marked “critical” while the actual infection marked “high” ?

    This means I have to change my settings to get alerts at level “high” as this apparently needs acute and immediate attention, something I thought was reserved for critical issues.

    In short, why are modified core files not automatically marked “critical” ?

    Can you comment?

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Threat priority’ is closed to new replies.