@hitha
Please create one thread next time, also do not post security issues on the forum. Always create a valid POC and submit it to the security team.
I will say that most scanners give out a TON of false positives as it doesn't actually check functionality, rather checks to see if it gets a response back. 9/10 this doesn't necessarily mean a vulnerability.
Cheers.
