Alert Tags

All of the defined Alert Tags:
Tag Link
CUSTOM_PAYLOADS
CVE-2022-42889
OUT_OF_BAND https://www.zaproxy.org/docs/desktop/addons/oast-support/
OWASP_2017_A01 https://owasp.org/www-project-top-ten/2017/A1_2017-Injection.html
OWASP_2017_A02 https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication.html
OWASP_2017_A03 https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure.html
OWASP_2017_A04 https://owasp.org/www-project-top-ten/2017/A4_2017-XML_External_Entities_(XXE).html
OWASP_2017_A05 https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control.html
OWASP_2017_A06 https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html
OWASP_2017_A07 https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS).html
OWASP_2017_A08 https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization.html
OWASP_2017_A09 https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities.html
OWASP_2021_A01 https://owasp.org/Top10/A01_2021-Broken_Access_Control/
OWASP_2021_A02 https://owasp.org/Top10/A02_2021-Cryptographic_Failures/
OWASP_2021_A03 https://owasp.org/Top10/A03_2021-Injection/
OWASP_2021_A04 https://owasp.org/Top10/A04_2021-Insecure_Design/
OWASP_2021_A05 https://owasp.org/Top10/A05_2021-Security_Misconfiguration/
OWASP_2021_A06 https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/
OWASP_2021_A08 https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/
WSTG-v42-ATHN-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authentication_Testing/01-Testing_for_Credentials_Transported_over_an_Encrypted_Channel
WSTG-v42-ATHN-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authentication_Testing/04-Testing_for_Bypassing_Authentication_Schema
WSTG-v42-ATHN-06 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authentication_Testing/06-Testing_for_Browser_Cache_Weaknesses
WSTG-v42-ATHZ-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/05-Authorization_Testing/01-Testing_Directory_Traversal_File_Include
WSTG-v42-ATHZ-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/05-Authorization_Testing/04-Testing_for_Insecure_Direct_Object_References
WSTG-v42-BUSL-09 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/10-Business_Logic_Testing/09-Test_Upload_of_Malicious_Files
WSTG-v42-CLNT-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/01-Testing_for_DOM-based_Cross_Site_Scripting
WSTG-v42-CLNT-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/02-Testing_for_JavaScript_Execution
WSTG-v42-CLNT-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/04-Testing_for_Client-side_URL_Redirect
WSTG-v42-CLNT-07 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/07-Testing_Cross_Origin_Resource_Sharing
WSTG-v42-CLNT-09 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/09-Testing_for_Clickjacking
WSTG-v42-CONF-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/04-Review_Old_Backup_and_Unreferenced_Files_for_Sensitive_Information
WSTG-v42-CONF-05 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/05-Enumerate_Infrastructure_and_Application_Admin_Interfaces
WSTG-v42-CONF-06 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/06-Test_HTTP_Methods
WSTG-v42-CONF-08 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/08-Test_RIA_Cross_Domain_Policy
WSTG-v42-CRYP-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/01-Testing_for_Weak_Transport_Layer_Security
WSTG-v42-CRYP-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/02-Testing_for_Padding_Oracle
WSTG-v42-CRYP-03 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/03-Testing_for_Sensitive_Information_Sent_via_Unencrypted_Channels
WSTG-v42-ERRH-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/01-Testing_For_Improper_Error_Handling
WSTG-v42-ERRH-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/02-Testing_for_Stack_Traces
WSTG-v42-IDNT-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/03-Identity_Management_Testing/04-Testing_for_Account_Enumeration_and_Guessable_User_Account
WSTG-v42-INFO-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server
WSTG-v42-INFO-05 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/05-Review_Webpage_Content_for_Information_Leakage
WSTG-v42-INFO-08 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/08-Fingerprint_Web_Application_Framework
WSTG-v42-INPV-01 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/01-Testing_for_Reflected_Cross_Site_Scripting
WSTG-v42-INPV-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/02-Testing_for_Stored_Cross_Site_Scripting
WSTG-v42-INPV-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/04-Testing_for_HTTP_Parameter_Pollution
WSTG-v42-INPV-05 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05-Testing_for_SQL_Injection
WSTG-v42-INPV-06 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/06-Testing_for_LDAP_Injection
WSTG-v42-INPV-07 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/07-Testing_for_XML_Injection
WSTG-v42-INPV-09 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/09-Testing_for_XPath_Injection
WSTG-v42-INPV-11 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11-Testing_for_Code_Injection
WSTG-v42-INPV-12 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/12-Testing_for_Command_Injection
WSTG-v42-INPV-15 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/15-Testing_for_HTTP_Splitting_Smuggling
WSTG-v42-SESS-02 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes
WSTG-v42-SESS-03 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/06-Session_Management_Testing/03-Testing_for_Session_Fixation
WSTG-v42-SESS-04 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/06-Session_Management_Testing/04-Testing_for_Exposed_Session_Variables
WSTG-v42-SESS-05 https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/06-Session_Management_Testing/05-Testing_for_Cross_Site_Request_Forgery