Details
Alert Id 90003
Alert Type Passive
Status alpha
Risk
CWE
WASC
Tags OWASP_2017_A06
OWASP_2021_A05

Summary

The integrity attribute is missing on a script or link tag served by an external server. The integrity tag prevents an attacker who have gained access to this server from injecting a malicious content.

Solution

Provide a valid integrity attribute to the tag.

References

Code

org/zaproxy/zap/extension/pscanrulesAlpha/SubResourceIntegrityAttributeScanRule.java