Comments are HTML comments that AppScan found during the Explore stage. Comments hidden in an HTML page can contain information that hackers find useful: sometimes developers, intentionally or accidently, leave comments for themselves or other developers in the final page. A hacker can harvest useful internal information from these comments, such as debug passwords.

Comments in the Result List

The list of comments shows the first line of the comment, and the first URL where it is located. If AppScan finds the same comment more than once, only the first instance is listed.

Comments in the Detail Pane

The Detail Pane shows the entire comment of the selected item in the Result List. Review the comments here to determine which should be removed from the final application.