SQL_Injection_Victim is a misleading name

Description

I suggest changing the name of this notice to SQL_Injection_Target. Having "victim" in the name implies to me that the attack succeeded, which is not what the associated logic is about.

Indeed, I even wonder if this notice is useful. The information should be directly available from SQL_Injection_Attacker notices (though it doesn't appear to be currently set up to provide this - why not?).

Environment

None

Assignee

Seth Hall

Reporter

Vern Paxson

Labels

None

External issue ID

None

Components

Priority

Normal
Configure