Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!
Update your Profile with your Support type to get your Support Type badge.
Expand your NetSuite knowledge by joining our Ask A Guru Live sessions. RSVP on this event now.
Don't miss out on our Question of the Week! You only have until tomorrow, October 16, 2025, 2PM ET to comment your answers and earn rewards! Click here for more details.
Uncover the power of data with the Analytics Hub —your ultimate guide to mastering NetSuite Saved Searches and Reports. Simplify the complex and unlock your organization's true potential. Dive into the Analytics Hub now and soar to new heights!
To help you get the most out of your 2025.2 Release Preview account, review the topics outlined in the 2025.2 Release Preview Guide.
Share Your SuiteWorld Experience & Earn a Special Badge!
Intelligent Payment Automation version 1.0.3 is now available in the SuiteApp Marketplace. The SuiteApp, powered by BILL, lets you automate payments, manage vendor details, and bank account information within NetSuite. Learn more
ScanAlert Vulnerability - Database Error Disclosure Vulnerability
NS,
Can you please advise if you received a warning for the following vulnerability?
Database Error Disclosure Vulnerability
Description
During our analysis of your web application, we were able to intentionally generate database specific errors. By causing a system to generate errors such as these, it is often possible to determine the database version and inject database command syntax that would allow us to extract data.
However, during our review of the system output, we were unable to identify the database version preventing us from exploiting this further. The danger exists in that a determined hacker might be able to determine the proper syntax and extract data or gain control of the system.
0