Skip to main content

Type of Results/Alerts Covered

The DAST engine includes passive and active scan rules which find specific vulnerabilities.

Currently the type of alerts covered by DAST are the following:

Id

Alert

Severity

Type

0

Directory Browsing

Medium

Active

2

Private IP Disclosure

Low

Passive

3

Session ID in URL Rewrite

Passive

44929

Session ID in URL Rewrite

Medium

Passive

44960

Session ID in URL Rewrite

Medium

Passive

44988

Referer Exposes Session ID

Medium

Passive

6

Path Traversal

Active

44932

Path Traversal

High

Active

44963

Path Traversal

High

Active

44991

Path Traversal

High

Active

45022

Path Traversal

High

Active

45052

Path Traversal

High

Active

7

Remote File Inclusion

High

Active

10003

Vulnerable JS Library

Medium

Passive

10010

Cookie No HttpOnly Flag

Low

Passive

10011

Cookie Without Secure Flag

Low

Passive

10015

Re-examine Cache-control Directives

Informational

Passive

10017

Cross-Domain JavaScript Source File Inclusion

Low

Passive

10019

Content-Type Header Missing

Informational

Passive

10020

Anti-clickjacking Header

Passive

10020-1

Missing Anti-clickjacking Header

Medium

Passive

10020-2

Multiple X-Frame-Options Header Entries

Medium

Passive

10020-3

X-Frame-Options Defined via META (Non-compliant with Spec)

Medium

Passive

10020-4

X-Frame-Options Setting Malformed

Medium

Passive

10021

X-Content-Type-Options Header Missing

Low

Passive

10023

Information Disclosure - Debug Error Messages

Low

Passive

10024

Information Disclosure - Sensitive Information in URL

Informational

Passive

10025

Information Disclosure - Sensitive Information in HTTP Referrer Header

Informational

Passive

10027

Information Disclosure - Suspicious Comments

Informational

Passive

10028

Open Redirect

Passive

10029

Cookie Poisoning

Passive

10030

User Controllable Charset

Passive

10031

User Controllable HTML Element Attribute (Potential XSS)

Passive

10032

Viewstate

Passive

10032-1

Potential IP Addresses Found in the Viewstate

Medium

Passive

10032-2

Emails Found in the Viewstate

Medium

Passive

10032-3

Old Asp.Net Version in Use

Low

Passive

10032-4

Viewstate without MAC Signature (Unsure)

High

Passive

10032-5

Viewstate without MAC Signature (Sure)

High

Passive

10032-6

Split Viewstate in Use

Informational

Passive

10033

Directory Browsing

Passive

10034

Heartbleed OpenSSL Vulnerability (Indicative)

Passive

10035

Strict-Transport-Security Header

Passive

10036

HTTP Server Response Header

Passive

10036-1

Server Leaks its Webserver Application via 'Server' HTTP Response Header Field

Informational

Passive

10036-2

Server Leaks Version Information via 'Server' HTTP Response Header Field

Low

Passive

10037

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

Low

Passive

10038

Content Security Policy (CSP) Header Not Set

Passive

10038-1

Content Security Policy (CSP) Header Not Set

Medium

Passive

10038-2

Obsolete Content Security Policy (CSP) Header Found

Informational

Passive

10038-3

Content Security Policy (CSP) Report-Only Header Found

Informational

Passive

10039

X-Backend-Server Header Information Leak

Passive

10040

Secure Pages Include Mixed Content

Passive

10041

HTTP to HTTPS Insecure Transition in Form Post

Passive

10042

HTTPS to HTTP Insecure Transition in Form Post

Passive

10043

User Controllable JavaScript Event (XSS)

Passive

10044

Big Redirect Detected (Potential Sensitive Information Leak)

Passive

10045

Source Code Disclosure - /WEB-INF folder

High

Active

10050

Retrieved from Cache

Passive

10052

X-ChromeLogger-Data (XCOLD) Header Information Leak

Passive

10054

Cookie without SameSite Attribute

Low

Passive

10055

CSP

Passive

10055-1

CSP: X-Content-Security-Policy

Low

Passive

10055-2

CSP: X-WebKit-CSP

Low

Passive

10055-3

CSP: Notices

Low

Passive

10055-4

CSP: Wildcard Directive

Medium

Passive

10055-5

CSP: script-src unsafe-inline

Medium

Passive

10055-6

CSP: style-src unsafe-inline

Medium

Passive

10055-7

CSP: script-src unsafe-hashes

Medium

Passive

10055-8

CSP: style-src unsafe-hashes

Medium

Passive

10055-9

CSP: Malformed Policy (Non-ASCII)

Medium

Passive

10055-10

CSP: script-src unsafe-eval

Medium

Passive

10055-11

CSP: Meta Policy Invalid Directive

Medium

Passive

10055-12

CSP: Header & Meta

Informational

Passive

10056

X-Debug-Token Information Leak

Low

Passive

10057

Username Hash Found

Informational

Passive

10058

GET for POST

Informational

Active

10061

X-AspNet-Version Response Header

Low

Passive

10062

PII Disclosure

High

Passive

10096

Timestamp Disclosure

Low

Passive

10097

Hash Disclosure

Passive

10098

Cross-Domain Misconfiguration

Medium

Passive

10104

User Agent Fuzzer

Informational

Active

10105

Weak Authentication Method

Passive

10108

Reverse Tabnabbing

Passive

10109

Modern Web Application

Passive

10202

Absence of Anti-CSRF Tokens

Passive

20015

Heartbleed OpenSSL Vulnerability

High

Active

20017

Source Code Disclosure - CVE-2012-1823

High

Active

20018

Remote Code Execution - CVE-2012-1823

High

Active

20019

External Redirect

Active

20019-1

External Redirect

High

Active

20019-2

External Redirect

High

Active

20019-3

External Redirect

High

Active

20019-4

External Redirect

High

Active

30001

Buffer Overflow

Medium

Active

30002

Format String Error

Medium

Active

40003

CRLF Injection

Medium

Active

40008

Parameter Tampering

Medium

Active

40009

Server Side Include

High

Active

40012

Cross Site Scripting (Reflected)

High

Active

40014

Cross Site Scripting (Persistent)

High

Active

40016

Cross Site Scripting (Persistent) - Prime

Informational

Active

40017

Cross Site Scripting (Persistent) - Spider

Informational

Active

40018

SQL Injection

High

Active

40019

SQL Injection - MySQL

High

Active

40020

SQL Injection - Hypersonic SQL

High

Active

40021

SQL Injection - Oracle

High

Active

40022

SQL Injection - PostgreSQL

High

Active

40024

SQL Injection - SQLite

High

Active

40026

Cross Site Scripting (DOM Based)

High

Active

40027

SQL Injection - MsSQL

High

Active

40028

ELMAH Information Leak

Medium

Active

40029

Trace.axd Information Leak

Medium

Active

40032

.htaccess Information Leak

Medium

Active

40034

.env Information Leak

Medium

Active

40035

Hidden File Found

Medium

Active

90001

Insecure JSF ViewState

Medium

Passive

90011

Charset Mismatch

Informational

Passive

90017

XSLT Injection

Medium

Active

90019

Server Side Code Injection

Active

90019-1

Server Side Code Injection - PHP Code Injection

High

Active

90019-2

Server Side Code Injection - ASP Code Injection

High

Active

90020

Remote OS Command Injection

High

Active

90022

Application Error Disclosure

Medium

Passive

90023

XML External Entity Attack

High

Active

90024

Generic Padding Oracle

High

Active

90033

Loosely Scoped Cookie

Informational

Passive

90034

Cloud Metadata Potentially Exposed

High

Active

110001

Application Error Disclosure via WebSockets

Medium

WebSocket Passive

110002

Base64 Disclosure in WebSocket message

Informational

WebSocket Passive

110003

Information Disclosure - Debug Error Messages via WebSocket

Low

WebSocket Passive

110004

Email address found in WebSocket message

Informational

WebSocket Passive

110005

Personally Identifiable Information via WebSocket

High

WebSocket Passive

110006

Private IP Disclosure via WebSocket

Low

WebSocket Passive

110007

Username Hash Found in WebSocket message

Informational

WebSocket Passive

110008

Information Disclosure - Suspicious Comments in XML via WebSocket

Informational

WebSocket Passive