|
Cross-site Scripting (XSS)
| |
|
Overly Permissive CORS
| |
|
Improper Privilege Management
| |
|
Access Restriction Bypass
| |
|
Improper Input Validation
| |
|
Cross-site Scripting (XSS)
| |
|
Cross-site Scripting (XSS)
| |
|
Cross-site Scripting (XSS)
| |
|
Cross-site Scripting (XSS)
| |
|
Cross-site Scripting (XSS)
| |
|
Denial of Service (DoS)
| |
|
Incorrectly Specified Destination in a Communication Channel
| |
|
Improper Handling of Values
| |
|
Cross-site Request Forgery (CSRF)
| |
|
Cross-site Request Forgery (CSRF)
| |
|
Cross-site Request Forgery (CSRF)
| |
|
Cross-site Request Forgery (CSRF)
| |
|
Cross-site Request Forgery (CSRF)
| |
|
Improper Verification of Source of a Communication Channel
| |
|
Improper Authentication
| |
|
Improper Authentication
| |
|
Access Restriction Bypass
| |
|
Authorization Bypass
| |
|
Access Restriction Bypass
| |
|
Improper Verification of Source of a Communication Channel
| |
|
Access Control Bypass
| |
|
Comparison of Object References Instead of Object Contents
| |
|
Insufficient Granularity of Access Control
| |
|
Improper Authorization
| |
|
Improper Authorization
| |
|
Incorrect Use of Privileged APIs
| |
|
Access Control Bypass
| |
|
Improper Privilege Management
| |
|
Access Control Bypass
| |
|
Cross-site Scripting (XSS)
| |
|
Improper Authentication
| |
|
Information Exposure
| |
|
Denial of Service (DoS)
| |
|
Cross-site Scripting (XSS)
| |
|
Sensitive Cookie in HTTPS Session Without "Secure" Attribute
| |
|
Cross-site Scripting (XSS)
| |
|
Cross-site Scripting (XSS)
| |
