Alert Tag: OWASP_2021_A05

All of the alerts which use this tag:
Tag Link
.env Information Leak
.htaccess Information Leak
Anti-CSRF Tokens Check
Application Error Disclosure
Backup File Disclosure
Cloud Metadata Potentially Exposed
Content Security Policy (CSP) Header Not Set
Content Security Policy (CSP) Report-Only Header Found
Content-Type Header Empty
Content-Type Header Missing
Cookie No HttpOnly Flag
Cookie Slack Detector
Cookie Without Secure Flag
Cross-Domain Misconfiguration - Adobe - Read
Cross-Domain Misconfiguration - Adobe - Send
Cross-Domain Misconfiguration - Silverlight
CSP: Header & Meta
CSP: Malformed Policy (Non-ASCII)
CSP: Meta Policy Invalid Directive
CSP: Notices
CSP: script-src unsafe-eval
CSP: script-src unsafe-hashes
CSP: script-src unsafe-inline
CSP: style-src unsafe-hashes
CSP: style-src unsafe-inline
CSP: Wildcard Directive
CSP: X-Content-Security-Policy
Directory Browsing
ELMAH Information Leak
Full Path Disclosure
GraphQL Endpoint Supports Introspection
Hidden File Found
HTTP Only Site
HTTPS Content Available via HTTP
Image Exposes Location or Privacy Data
In Page Banner Information Leak
Insecure HTTP Method
Missing Anti-clickjacking Header
Multiple X-Frame-Options Header Entries
Obsolete Content Security Policy (CSP) Header Found
Possible Username Enumeration
Properties File Disclosure - /WEB-INF folder
Proxy Disclosure
Relative Path Confusion
Secure Pages Include Mixed Content
Server Leaks its Webserver Application via "Server" HTTP Response Header Field
Server Leaks Version Information via "Server" HTTP Response Header Field
Source Code Disclosure - /WEB-INF Folder
Source Code Disclosure - File Inclusion
Source Code Disclosure - Git
Source Code Disclosure - PHP
Source Code Disclosure - SVN
Strict-Transport-Security Defined via META (Non-compliant with Spec)
Strict-Transport-Security Disabled
Strict-Transport-Security Header Not Set
Strict-Transport-Security Header on Plain HTTP Response
Strict-Transport-Security Malformed Content (Non-compliant with Spec)
Strict-Transport-Security Max-Age Malformed (Non-compliant with Spec)
Strict-Transport-Security Missing Max-Age (Non-compliant with Spec)
Strict-Transport-Security Multiple Header Entries (Non-compliant with Spec)
Sub Resource Integrity Attribute Missing
Trace.axd Information Leak
Web Cache Deception
WSDL File Detection
X-AspNet-Version Response Header
X-Backend-Server Header Information Leak
X-Content-Type-Options Header Missing
X-Frame-Options Defined via META (Non-compliant with Spec)
X-Frame-Options Setting Malformed