Details | |
---|---|
Alert Id | 10031 |
Alert Type | Passive |
Status | release |
Risk | |
CWE | |
WASC | |
Technologies Targeted | All |
Tags |
OWASP_2017_A01 OWASP_2021_A03 |
Summary
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.