Download

Alert Tag: CWE-346

Alert Tags > CWE-346

https://cwe.mitre.org/data/definitions/346.html

All of the alerts which use this tag:
ID Alert Status Risk Type
100025 Cross-Site WebSocket Hijacking alpha High Script Active
220008-1 Avoid postMessage with wildcard targetOrigin alpha Medium Tool
220008-2 Specify postMessage targetOrigin alpha Medium Tool
220008-3 Avoid weak origin substring checks alpha Medium Tool
220008-4 Avoid permissive regex origin checks alpha Medium Tool
220008-5 Origin check uses host fragment only alpha Medium Tool
220008-6 Review message event listeners alpha Medium Tool
220008-7 Message handler without origin validation alpha Medium Tool
220008-8 Wildcard reply from message handler alpha Medium Tool
220008-9 Web Message Injection (taint flow) alpha Medium Tool