/alerttags/cwe-327/ Recent content in CWE-327 on ZAP Hugo en-us /docs/alerts/100010/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/100010/ <p>A hash was discovered in the HTTP response body.</p> /docs/alerts/100021/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/100021/ <p>A request has been made that appears to conform to poor cryptography used by Telerik UI for ASP.NET AJAX prior to v2017.2.621. An attacker could manipulate the value of the dp parameter to possibly learn the machine key and upload arbitrary files, which could then lead to the compromise of ASP.NET ViewStates and arbitrary code execution respectively. CVE-2017-9248 has a CVSSv3 score of 9.8.</p>