Details
Alert ID 10017
Alert Type Passive
Status release
Risk Low
CWE 829
WASC 15
Technologies Targeted All
Tags CWE-829
OWASP_2021_A08
POLICY_DEV_STD
POLICY_PENTEST
POLICY_QA_STD
SYSTEMIC
More Info Scan Rule Help

Summary

The page includes one or more script files from a third-party domain.

Solution

Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.

Other Info

References

Code

org/zaproxy/zap/extension/pscanrules/CrossDomainScriptInclusionScanRule.java