CWE-829 on ZAP /alerttags/cwe-829/ Recent content in CWE-829 on ZAP Hugo en-us Cross-Domain JavaScript Source File Inclusion /docs/alerts/10017/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10017/ <p>The page includes one or more script files from a third-party domain.</p> Review dynamic import usage /docs/alerts/220007-3/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-3/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review importScripts usage /docs/alerts/220007-7/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-7/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review jQuery getScript usage /docs/alerts/220007-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-1/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review serviceWorker.register usage /docs/alerts/220007-6/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-6/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review SharedWorker constructor usage /docs/alerts/220007-5/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-5/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review System.import usage /docs/alerts/220007-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-2/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Review Worker constructor usage /docs/alerts/220007-4/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-4/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p> Script Served From Malicious Domain (polyfill) /docs/alerts/10115-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10115-1/ <p>The page includes one or more script files loaded from one of the &lsquo;polyfill&rsquo; domains. These are not associated with the polyfill.js library and are known to serve malicious content.</p> Script Served From Malicious Domain (polyfill) /docs/alerts/10115-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10115-2/ <p>The page includes one or more script which appear to include a reference to one of the &lsquo;polyfill&rsquo; domains. These are not associated with the polyfill.js library and are known to serve malicious content. You should check to see if it is a safe reference (for example in a comment) or whether the script is loading content from that domain.</p> Tainted worker or script loader URL /docs/alerts/220007-8/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/220007-8/ <p>Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.</p> <p>Generated by OWASP PTK SAST Module</p>