| Details | |
|---|---|
| Alert ID | 200015-2 |
| Alert Type | Tool |
| Status | alpha |
| Risk | Informational |
| CWE | 639 |
| WASC | |
| Technologies Targeted | All |
| Tags | CWE-639 OWASP_2025_A01 OWASP_2025_A03 TOOL_PTK |

Summary
Flags request parameters and JSON keys commonly associated with high-impact findings (open redirect, SSRF, IDOR, file/path traversal).
Generated by OWASP PTK DAST Module
Solution
- Review identified parameters for input validation and strong authorization checks.
- For redirect parameters, enforce allowlists and avoid open redirects.
- For URL fetch/webhook parameters, enforce strict allowlists and block internal IP ranges.

Other Info
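
The redirect allowlist and the internal-range block named under Solution, sketched as an added example (not code from ZAP or OWASP PTK). The host names, function names and the injectable `resolve` parameter are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed sample policy (assumed host names, not from the alert page).
REDIRECT_HOSTS = {"app.example.com"}
FETCH_HOSTS = {"hooks.partner.example"}


def is_safe_redirect(target):
    """Accept a same-site absolute path or an https URL on an allowlisted host."""
    if "\\" in target or any(ord(c) < 0x20 for c in target):
        return False  # browsers read "\" as "/" and drop control characters
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        # "//host/path" is scheme-relative and is caught by the netloc check.
        return target.startswith("/")
    return parts.scheme == "https" and parts.hostname in REDIRECT_HOSTS


def is_internal(ip):
    """True for loopback, private, link-local and other non-global addresses."""
    addr = ipaddress.ip_address(ip)
    mapped = getattr(addr, "ipv4_mapped", None)  # unwrap ::ffff:a.b.c.d
    return not (mapped or addr).is_global


def _resolve(host):
    return [info[4][0] for info in socket.getaddrinfo(host, 443)]


def is_safe_fetch_url(url, resolve=_resolve):
    """Allowlisted https host whose every resolved address is public."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme != "https" or parts.hostname not in FETCH_HOSTS:
        return False
    try:
        addrs = resolve(parts.hostname)
    except OSError:
        return False
    # Reject if any record points inside; one internal A record is enough.
    return bool(addrs) and not any(is_internal(a) for a in addrs)
```

The fetch itself should connect to the address that was validated rather than resolving the name a second time, otherwise a DNS change between check and use bypasses the block.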
References
- https://owasp.org/Top10/2025/A01_2025-Broken_Access_Control/
- https://cwe.mitre.org/data/definitions/200.html