Details
Alert Id 90003
Alert Type Passive Scan Rule
Status alpha
Risk
CWE
WASC

Summary

The integrity attribute is missing on a script or link tag served by an external server. The integrity tag prevents an attacker who have gained access to this server from injecting a malicious content.

Solution

Provide a valid integrity attribute to the tag.

References

Code

org/zaproxy/zap/extension/pscanrulesAlpha/SubResourceIntegrityAttributeScanRule.java