| ID | Name | Status | Risk | Type |
|---|---|---|---|---|
| 41 | Source Code Disclosure - Git | beta | High | Active |
| 42 | Source Code Disclosure - SVN | beta | Medium | Active |
| 43 | Source Code Disclosure - File Inclusion | beta | High | Active |
| 10009 | In Page Banner Information Leak | release | Low | Passive |
| 10010 | Cookie No HttpOnly Flag | release | Low | Passive |
| 10011 | Cookie Without Secure Flag | release | Low | Passive |
| 10019-1 | Content-Type Header Missing | release | Informational | Passive |
| 10019-2 | Content-Type Header Empty | release | Informational | Passive |
| 10020-1 | Missing Anti-clickjacking Header | release | Medium | Passive |
| 10020-2 | Multiple X-Frame-Options Header Entries | release | Medium | Passive |
| 10020-3 | X-Frame-Options Defined via META (Non-compliant with Spec) | release | Medium | Passive |
| 10020-4 | X-Frame-Options Setting Malformed | release | Medium | Passive |
| 10021 | X-Content-Type-Options Header Missing | release | Low | Passive |
| 10033 | Directory Browsing | release | Medium | Passive |
| 10035-1 | Strict-Transport-Security Header Not Set | release | Low | Passive |
| 10035-2 | Strict-Transport-Security Disabled | release | Low | Passive |
| 10035-3 | Strict-Transport-Security Multiple Header Entries (Non-compliant with Spec) | release | Low | Passive |
| 10035-4 | Strict-Transport-Security Header on Plain HTTP Response | release | Informational | Passive |
| 10035-5 | Strict-Transport-Security Missing Max-Age (Non-compliant with Spec) | release | Low | Passive |
| 10035-6 | Strict-Transport-Security Defined via META (Non-compliant with Spec) | release | Low | Passive |
| 10035-7 | Strict-Transport-Security Max-Age Malformed (Non-compliant with Spec) | release | Low | Passive |
| 10035-8 | Strict-Transport-Security Malformed Content (Non-compliant with Spec) | release | Low | Passive |
| 10036-1 | Server Leaks its Webserver Application via "Server" HTTP Response Header Field | release | Informational | Passive |
| 10036-2 | Server Leaks Version Information via "Server" HTTP Response Header Field | release | Low | Passive |
| 10038-1 | Content Security Policy (CSP) Header Not Set | release | Medium | Passive |
| 10038-2 | Obsolete Content Security Policy (CSP) Header Found | release | Informational | Passive |
| 10038-3 | Content Security Policy (CSP) Report-Only Header Found | release | Informational | Passive |
| 10039 | X-Backend-Server Header Information Leak | release | Low | Passive |
| 10040 | Secure Pages Include Mixed Content | release | Low | Passive |
| 10045-1 | Source Code Disclosure - /WEB-INF Folder | release | High | Active |
| 10045-2 | Properties File Disclosure - /WEB-INF folder | release | High | Active |
| 10051 | Relative Path Confusion | beta | Medium | Active |
| 10055-1 | CSP: X-Content-Security-Policy | release | Low | Passive |
| 10055-2 | CSP: X-WebKit-CSP | release | Low | Passive |
| 10055-3 | CSP: Notices | release | Low | Passive |
| 10055-4 | CSP: Wildcard Directive | release | Medium | Passive |
| 10055-5 | CSP: script-src unsafe-inline | release | Medium | Passive |
| 10055-6 | CSP: style-src unsafe-inline | release | Medium | Passive |
| 10055-7 | CSP: script-src unsafe-hashes | release | Medium | Passive |
| 10055-8 | CSP: style-src unsafe-hashes | release | Medium | Passive |
| 10055-9 | CSP: Malformed Policy (Non-ASCII) | release | Medium | Passive |
| 10055-10 | CSP: script-src unsafe-eval | release | Medium | Passive |
| 10055-11 | CSP: Meta Policy Invalid Directive | release | Medium | Passive |
| 10055-12 | CSP: Header & Meta | release | Informational | Passive |
| 10055-13 | CSP: Failure to Define Directive with No Fallback | release | Medium | Passive |
| 10061 | X-AspNet-Version Response Header | release | Low | Passive |
| 10095 | Backup File Disclosure | beta | Medium | Active |
| 10099 | Source Code Disclosure - PHP | beta | Medium | Passive |
| 10103 | Image Exposes Location or Privacy Data | beta | Informational | Passive |
| 10107 | Httpoxy - Proxy Header Misuse | beta | High | Active |
| 10109 | Modern Web Application | release | Informational | Passive |
| 20012 | Anti-CSRF Tokens Check | beta | Medium | Active |
| 20016-1 | Cross-Domain Misconfiguration - Adobe - Read | beta | High | Active |
| 20016-2 | Cross-Domain Misconfiguration - Adobe - Send | beta | High | Active |
| 20016-3 | Cross-Domain Misconfiguration - Silverlight | beta | High | Active |
| 20017 | Source Code Disclosure - CVE-2012-1823 | release | High | Active |
| 40023 | Possible Username Enumeration | beta | Informational | Active |
| 40025-1 | Proxy Disclosure | beta | High | Active |
| 40025-2 | Proxy Disclosure | beta | Medium | Active |
| 40028 | ELMAH Information Leak | release | Medium | Active |
| 40029 | Trace.axd Information Leak | release | Medium | Active |
| 40032 | .htaccess Information Leak | release | Medium | Active |
| 40034 | .env Information Leak | release | Medium | Active |
| 40035 | Hidden File Found | release | Medium | Active |
| 40039 | Web Cache Deception | alpha | Medium | Active |
| 40042 | Spring Actuator Information Leak | release | Medium | Active |
| 50007-1 | GraphQL Endpoint Supports Introspection | alpha | Informational | Tool |
| 90003 | Sub Resource Integrity Attribute Missing | release | Medium | Passive |
| 90011-1 | Charset Mismatch (Header Versus Meta Content-Type Charset) | release | Informational | Passive |
| 90011-2 | Charset Mismatch (Header Versus Meta Charset) | release | Informational | Passive |
| 90011-3 | Charset Mismatch (Meta Charset Versus Meta Content-Type Charset) | release | Informational | Passive |
| 90011-4 | Charset Mismatch | release | Informational | Passive |
| 90022 | Application Error Disclosure | release | Medium | Passive |
| 90027 | Cookie Slack Detector | beta | Informational | Active |
| 90028-1 | Insecure HTTP Method - DELETE | beta | Medium | Active |
| 90028-2 | Insecure HTTP Method - PUT | beta | Medium | Active |
| 90028-3 | Insecure HTTP Method - TRACE | beta | Medium | Active |
| 90028-4 | Insecure HTTP Method - CONNECT | beta | Medium | Active |
| 90028-5 | Insecure HTTP Method - PROPFIND | beta | Informational | Active |
| 90028-6 | Insecure HTTP Method - PUT | beta | Medium | Active |
| 90030 | WSDL File Detection | beta | | Passive |
| 90034 | Cloud Metadata Potentially Exposed | release | High | Active |
| 100043-1 | Vulnerable Swagger UI Version Detected | alpha | High | Script Active |
| 100043-2 | Exposed Secrets in Swagger/OpenAPI Path | alpha | High | Script Active |
| 110009 | Full Path Disclosure | alpha | Low | Passive |
| 200004-1 | Exposure of Git repository | alpha | Medium | Tool |
| 200004-2 | Exposure of SVN repository | alpha | Medium | Tool |
| 200004-3 | Exposure of Mercurial repository | alpha | Medium | Tool |
| 200005-1 | Missing Content-Security-Policy header | alpha | Low | Tool |
| 200005-2 | CSP allows inline/eval or wildcards in script/style | alpha | Low | Tool |
| 200005-3 | CSP 'frame-ancestors' missing or overly broad | alpha | Low | Tool |
| 200005-4 | CSP Report-Only present without enforcing CSP | alpha | Low | Tool |
| 200005-5 | Missing Strict-Transport-Security header (on HTTPS) | alpha | Low | Tool |
| 200005-6 | Strict-Transport-Security sent over HTTP (ineffective) | alpha | Low | Tool |
| 200005-7 | HSTS max-age too low or missing includeSubDomains | alpha | Low | Tool |
| 200005-8 | X-Powered-By header or equivalent present | alpha | Low | Tool |
| 200005-9 | Server banner discloses software/version | alpha | Low | Tool |
| 200005-10 | Missing or invalid X-Content-Type-Options | alpha | Low | Tool |
| 200005-11 | X-XSS-Protection header is a legacy directive | alpha | Low | Tool |
| 200005-12 | Expect-CT is deprecated | alpha | Low | Tool |
| 200005-13 | COOP set without COEP/CORP (incomplete cross-origin isolation) | alpha | Low | Tool |
| 200005-14 | COEP present but value is not 'require-corp' or 'credentialless' | alpha | Low | Tool |
| 200005-15 | Deprecated Feature-Policy or unknown/overly-permissive Permissions-Policy | alpha | Low | Tool |
| 200005-16 | Missing or weak Referrer-Policy | alpha | Low | Tool |
| 200005-17 | Clear-Site-Data present but missing executionContexts | alpha | Low | Tool |
| 200005-18 | Clear-Site-Data uses wildcard * | alpha | Low | Tool |
| 200005-19 | CORS allows any origin with credentials | alpha | Low | Tool |
| 200005-20 | Sensitive cookies missing security flags | alpha | Low | Tool |
| 200005-21 | Potentially authenticated content lacks no-store | alpha | Low | Tool |
| 200005-22 | Public-Key-Pins is deprecated | alpha | Low | Tool |
| 200005-23 | COOP present but value is not 'same-origin' | alpha | Low | Tool |
| 200009-1 | JavaScript includes sourceMappingURL | alpha | Low | Tool |
| 200009-2 | HTML references .map files | alpha | Low | Tool |
| 200009-3 | Webpack dev-server / hot reload artifacts | alpha | Low | Tool |
| 200009-4 | Next.js build metadata exposed | alpha | Low | Tool |
| 200011-1 | Private key material exposed | alpha | Low | Tool |
| 200011-2 | AWS Access Key ID pattern | alpha | Low | Tool |
| 200011-3 | Slack token pattern | alpha | Low | Tool |
| 200011-4 | GitHub token pattern | alpha | Low | Tool |
| 200011-5 | Sentry DSN exposed | alpha | Low | Tool |
| 200011-6 | Firebase config exposed | alpha | Low | Tool |
| 200011-7 | Stripe publishable key exposed | alpha | Low | Tool |
| 200011-8 | Mapbox token exposed | alpha | Low | Tool |
| 200011-9 | Google API key pattern | alpha | Low | Tool |
| 200014-1 | access_token/id_token in URL | alpha | Medium | Tool |
| 200014-2 | JWT-like value in URL | alpha | Medium | Tool |
| 200014-3 | api_key/key in URL | alpha | Medium | Tool |
| 220008-1 | Avoid postMessage with wildcard targetOrigin | alpha | Medium | Tool |
| 220008-2 | Specify postMessage targetOrigin | alpha | Medium | Tool |
| 220008-3 | Avoid weak origin substring checks | alpha | Medium | Tool |
| 220008-4 | Avoid permissive regex origin checks | alpha | Medium | Tool |
| 220008-5 | Origin check uses host fragment only | alpha | Medium | Tool |
| 220008-6 | Review message event listeners | alpha | Medium | Tool |
| 220008-7 | Message handler without origin validation | alpha | Medium | Tool |
| 220008-8 | Wildcard reply from message handler | alpha | Medium | Tool |
| 220008-9 | Web Message Injection (taint flow) | alpha | Medium | Tool |
| 220009-1 | Review assignments to href/src/action | alpha | Medium | Tool |
| 220009-2 | DOM-based Link Manipulation (taint flow) | alpha | Medium | Tool |
| 220010-1 | Untrusted DOM data into navigation-adjacent sinks | alpha | Medium | Tool |
| 220010-2 | Untrusted DOM data into createHTMLDocument | alpha | Medium | Tool |
| 220010-3 | Untrusted DOM data into UI mutation sinks | alpha | Medium | Tool |