| Details | |
|---|---|
| Alert ID | 200012-5 |
| Alert Type | Tool |
| Status | alpha |
| Risk | Informational |
| CWE | 200 |
| WASC | |
| Technologies Targeted | All |
| Tags |
CWE-200 OWASP_2021_A05 TOOL_PTK |
Summary
Detects exposure of API documentation, specs, and interactive consoles observed in traffic.
Generated by OWASP PTK DAST Module
Solution
• Restrict API documentation endpoints to authenticated users where appropriate. • Disable interactive consoles in production or protect them with strong auth.Other Info
References
- https://owasp.org/Top10/2025/A02_2025-Security_Misconfiguration/
- https://cwe.mitre.org/data/definitions/200.html