WASC-15 Web Vulnerability & Security Checks | Invicti

Home / Vulnerabilities / WASC-15 / Page 2

Select Category

Search Vulnerability

Vulnerability Name

Classifications

Severity

Session Cookie Not Marked as Secure

PCI v3.2-6.5.10, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Medium

Sublime SFTP Config File Detected

CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Medium

ViewState MAC Disabled

CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Medium

Autocomplete is Enabled

CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Low

Cookie Not Marked as HttpOnly

CAPEC-107, CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Low

Cookie Not Marked as Secure

PCI v3.2-6.5.10, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Low

Insecure Frame (External)

CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6

Low

Insecure JSONP Endpoint

CWE-20, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1

Low

Insecure Reflected Content

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1

Low

Laravel Environment Configuration File Detected

CWE-285, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Low

Misconfigured Access-Control-Allow-Origin Header

PCI v3.2-6.5.8, CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Low

Misconfigured Frame

CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6

Low

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works