/alerttags/cwe-942/ Recent content in CWE-942 on ZAP Hugo en-us /docs/alerts/200017-3/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/200017-3/ <p>Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.</p> <p>Generated by OWASP PTK DAST Module</p> /docs/alerts/200017-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/200017-2/ <p>Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.</p> <p>Generated by OWASP PTK DAST Module</p> /docs/alerts/40040-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40040-1/ <p>Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any other origins (domain, scheme, or port) than its own from which a browser should permit loading of resources. It relaxes the Same-Origin Policy (SOP).</p> /docs/alerts/40040-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40040-2/ <p>This CORS misconfiguration could allow an attacker to perform AJAX queries to the vulnerable website from a malicious page loaded by the victim&rsquo;s user agent. In order to perform authenticated AJAX queries, the server must specify the header &ldquo;Access-Control-Allow-Credentials: true&rdquo; and the &ldquo;Access-Control-Allow-Origin&rdquo; header must be set to null or the malicious page&rsquo;s domain. Even if this misconfiguration doesn&rsquo;t allow authenticated AJAX requests, unauthenticated sensitive content can still be accessed (e.g intranet websites). A malicious page can belong to a malicious website but also a trusted website with flaws (e.g XSS, support of HTTP without TLS allowing code injection through MITM, etc).</p> /docs/alerts/40040-3/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40040-3/ <p>This CORS misconfiguration could allow an attacker to perform AJAX queries to the vulnerable website from a malicious page loaded by the victim&rsquo;s user agent. In order to perform authenticated AJAX queries, the server must specify the header &ldquo;Access-Control-Allow-Credentials: true&rdquo; and the &ldquo;Access-Control-Allow-Origin&rdquo; header must be set to null or the malicious page&rsquo;s domain. Even if this misconfiguration doesn&rsquo;t allow authenticated AJAX requests, unauthenticated sensitive content can still be accessed (e.g intranet websites). A malicious page can belong to a malicious website but also a trusted website with flaws (e.g XSS, support of HTTP without TLS allowing code injection through MITM, etc).</p> /docs/alerts/200017-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/200017-1/ <p>Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.</p> <p>Generated by OWASP PTK DAST Module</p>