Details
Alert Id 10027
Alert Type Passive Scan Rule
Status release
Risk
CWE
WASC

Summary

The response appears to contain suspicious comments which may help an attacker. Note: within script blocks or files, matches are made against the entire content, not only against comments.

Solution

Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
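A pre-release check along the lines of the summary above, as an added example that is not the scan rule's own code: it searches HTML comment bodies for suspicious keywords, but searches the whole content of script blocks. The keyword list, the names `CommentAuditor` and `audit_html`, and the sample response are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed keyword list (constructed); the page does not list the rule's patterns.
PATTERN = re.compile(r"\b(TODO|FIXME|DEBUG|ADMIN|PASSWORD)\b", re.IGNORECASE)

class CommentAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.findings = []  # (location, keyword, snippet)

    def _scan(self, location, text):
        for m in PATTERN.finditer(text):
            snippet = " ".join(text[max(m.start() - 20, 0):m.end() + 20].split())
            self.findings.append((location, m.group(1).upper(), snippet))

    def handle_comment(self, data):
        # HTML comment: only the comment body is searched.
        self._scan("html-comment", data)

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        # Script block: the entire content is searched, not only comments,
        # so identifiers and string literals can match too.
        if self.in_script:
            self._scan("script", data)

def audit_html(body):
    auditor = CommentAuditor()
    auditor.feed(body)
    auditor.close()
    return auditor.findings

# Constructed sample response body.
SAMPLE = """<!-- TODO: remove test account before go-live -->
<p>The admin team is on holiday.</p>
<script>
// FIXME: token check disabled
var debug = false;
</script>"""
```

`audit_html(SAMPLE)` reports the `TODO` comment and, inside the script block, both the `FIXME` comment and the `debug` variable name, while the visible "admin" text in the paragraph is not reported.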

References

Code

org/zaproxy/zap/extension/pscanrules/InformationDisclosureSuspiciousCommentsScanRule.java