| Details | |
|---|---|
| Alert ID | 90002 |
| Alert Type | Passive |
| Status | beta |
| Risk | Medium |
| CWE | 502 |
| WASC | |
| Technologies Targeted | All |
| Tags |
CWE-502 OWASP_2017_A08 OWASP_2021_A04 |
| More Info |
Scan Rule Help |
Summary
Java Serialization seems to be in use. If not correctly validated, an attacker can send a specially crafted object. This can lead to a dangerous “Remote Code Execution”. A magic sequence identifying JSO has been detected (Base64: rO0AB, Raw: 0xac, 0xed, 0x00, 0x05).