How to remove: URL: Blacklist ?

[WebHMI]

Hello.
The domain of our company (hxtps://level2.webhmi.com.ua/) was added to the blacklist for no known reason. Other site aliases are fine.
Checked by:
https://sitecheck.sucuri.net/results/level2.webhmi.com.ua
https://zulu.zscaler.com/report/69b966a9-c506-447c-a49e-926fd2d081b7
Please remove it from the blacklist.

[DavidR]

Use the link given in an earlier post.

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

[polonus]

Witam WebHMI,

Good to report this issue and then get a final verdict from avast team, whether this is indeed an FP.
Also consider there are at least two more vendors that flag that website as malicious:
https://www.virustotal.com/gui/url/58d860b4ea97461b9ac8489264fd0b7c7fa33e0319049667167dd73f982082cb

However the following retire.js library issues should be looked into:

bootstrap   3.3.7   Found in -https://level2.webhmi.com.ua/public/js/libs/bootstrap.js?85a31cf4 _____Vulnerability info:
Medium   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   1
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
Medium   XSS is possible in the data-target attribute. CVE-2016-10735   
handlebars   4.0.11   Found in -https://level2.webhmi.com.ua/public/js/main.js?0952e4e0 _____Vulnerability info:
High   A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template   
High   A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template   
Low   Disallow calling helperMissing and blockHelperMissing directly   
Medium   Prototype pollution   
jquery   1.10.2.min   Found in -https://level2.webhmi.com.ua/assets/js/vendor/jquery-1.10.2.min.js _____Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   123
Medium   CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS   
Medium   CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS   
moment.js   2.15.1   Found in -https://level2.webhmi.com.ua/public/js/libs/moment.js?6a270a2f _____Vulnerability info:
Medium   Regular Expression Denial of Service (ReDoS)   
Low   Regular Expression Denial of Service (ReDoS) CVE-2017-18214   

pozdrawiam,

polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)

[алексей38]

Good afternoon, my site http://xn--90aogst.xn--p1ai / was blacklisted, at the moment the site is completely cleaned, I ask you to assist in excluding it from the blacklist.

[Asyn]

-> https://sitecheck.sucuri.net/results/xn--90aogst.xn--p1ai
-> https://www.virustotal.com/gui/url/460203373c10c4102d8d628ecd10f2396316f1d0d29d3a4d37b3c0cb8054bec5?nocache=1

[bob3160]

Apparently Avast isn't the only one that tags the site.

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php