Details
Alert Id 90002
Alert Type Passive Scan Rule
Status alpha
Risk
CWE
WASC

Summary

Java serialization appears to be in use. If deserialized input is not correctly validated, an attacker can send a specially crafted serialized object, which can lead to a dangerous "Remote Code Execution". A magic sequence identifying a serialized Java object (JSO) has been detected (Base64: rO0AB; raw: 0xac 0xed 0x00 0x05).
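The check this rule performs, as an added Python example (not the ZAP rule's own code, which is Java): it scans a message body for the raw magic and for the fixed Base64 prefix, and for the Base64 case decodes the run to confirm the full four-byte magic, which separates a real serialized stream from an unrelated Base64 value that merely starts with "rO0AB". The function name and sample bodies are constructed for illustration.

```python
import base64
import binascii
import re

# Raw start of a Java serialization stream: STREAM_MAGIC 0xACED, STREAM_VERSION 5.
JSO_RAW_MAGIC = b"\xac\xed\x00\x05"
# Any stream starting with that magic Base64-encodes to "rO0AB...": the bytes
# AC ED 00 become "rO0A" and the high six bits of 0x05 become "B".
JSO_BASE64_PREFIX = b"rO0AB"
# A Base64 run that begins with the prefix (alphabet chars, optional padding).
_BASE64_RUN = re.compile(rb"rO0AB[A-Za-z0-9+/]*={0,2}")


def find_jso_indicators(body: bytes) -> list[dict]:
    """Return one finding per JSO magic occurrence in an HTTP message body.

    Each finding holds the encoding seen, the byte offset, and whether the
    full four-byte magic was confirmed (always true for raw, checked by
    decoding for Base64; a run shorter than 8 chars cannot be confirmed).
    """
    findings = []
    # Raw binary stream, e.g. an application/x-java-serialized-object body.
    pos = body.find(JSO_RAW_MAGIC)
    while pos != -1:
        findings.append({"encoding": "raw", "offset": pos, "confirmed": True})
        pos = body.find(JSO_RAW_MAGIC, pos + 1)
    # Base64-encoded stream, e.g. in a cookie, hidden field or JSON string.
    for m in _BASE64_RUN.finditer(body):
        run = m.group(0)
        usable = run[: len(run) - len(run) % 4]  # decode whole 4-char groups only
        confirmed = False
        if len(usable) >= 8:
            try:
                confirmed = base64.b64decode(usable).startswith(JSO_RAW_MAGIC)
            except binascii.Error:
                confirmed = False
        findings.append({"encoding": "base64", "offset": m.start(), "confirmed": confirmed})
    return findings


if __name__ == "__main__":
    # Constructed sample bodies: a raw stream, a Base64 stream in a cookie,
    # and an unrelated Base64 token that only shares the five-char prefix.
    samples = [
        b"abc" + JSO_RAW_MAGIC + b"sr\x00\x0bexample.Obj",
        b"JSESSIONID=1; state=rO0ABXNyAAtq; x=1",
        b"token=rO0ABxyz",
    ]
    for body in samples:
        print(find_jso_indicators(body))
```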

Solution

Deserialization of untrusted data is inherently dangerous and should be avoided.

References

Code

org/zaproxy/zap/extension/pscanrulesAlpha/JsoScanRule.java