Hello Johanna,
Hiw do you know it gets injected ? I can't reproduce it (classic you might say).
a little bit of literature : https://www.owasp.org/index.php/Testing_for_SSI_Injection_%28OTG-INPVAL-009%29
Cheers,
Zack
--
You received this message because you are subscribed to the Google Groups "OWASP ZAP Evangelists Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangel...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.