Alert Tag: OWASP_2017_A06

https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html

All of the alerts which use this tag:
Search
.env Information Leak
.htaccess Information Leak
Anti-CSRF Tokens Check
Application Error Disclosure
Cloud Metadata Potentially Exposed
Content Security Policy (CSP) Header Not Set
Content-Type Header Missing
Cookie No HttpOnly Flag
Cookie Slack Detector
Cookie Without Secure Flag
Cross-Domain Misconfiguration
CSP: Malformed Policy (Non-ASCII)
CSP: Notices
CSP: script-src unsafe-hashes
CSP: script-src unsafe-inline
CSP: style-src unsafe-hashes
CSP: style-src unsafe-inline
CSP: Wildcard Directive
CSP: X-Content-Security-Policy
CSP: X-WebKit-CSP
Directory Browsing
ELMAH Information Leak
Emails Found in the Viewstate
Generic Padding Oracle
GET for POST
Hidden File Found
HTTP Only Site
HTTP Parameter Override
HTTP Server Response Header
HTTP to HTTPS Insecure Transition in Form Post
HTTPS Content Available via HTTP
HTTPS to HTTP Insecure Transition in Form Post
Image Exposes Location or Privacy Data
In Page Banner Information Leak
Insecure HTTP Method
Insecure JSF ViewState
Loosely Scoped Cookie
Missing Anti-clickjacking Header
Multiple X-Frame-Options Header Entries
Old Asp.Net Version in Use
Possible Username Enumeration
Potential IP Addresses Found in the Viewstate
Proxy Disclosure
Relative Path Confusion
Reverse Tabnabbing
Secure Pages Include Mixed Content
Source Code Disclosure
Source Code Disclosure - /WEB-INF folder
Source Code Disclosure - File Inclusion
Source Code Disclosure - Git
Source Code Disclosure - SVN
Split Viewstate in Use
Strict-Transport-Security Header
Sub Resource Integrity Attribute Missing
Trace.axd Information Leak
Viewstate without MAC Signature (Sure)
Viewstate without MAC Signature (Unsure)
Web Cache Deception
WSDL File Detection
X-AspNet-Version Response Header
X-Backend-Server Header Information Leak
X-Content-Type-Options Header Missing
X-Frame-Options Defined via META (Non-compliant with Spec)
X-Frame-Options Setting Malformed