root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-01-30 03:10:23 +00:00
parent a477a10c98
commit 05bfee0cb8
208 changed files with 6703 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/concerns/creates_commit.rb
View File

@ -138,7 +138,8 @@ module CreatesCommit
# Even if the field is set, if we're checking the same branch
# as the target branch in the same project,
# we don't want to create a merge request.
params[:create_merge_request].present? &&
# FIXME: We should use either 1 or true, not both.
ActiveModel::Type::Boolean.new.cast(params[:create_merge_request]) &&
(@different_project || @start_branch != @branch_name) # rubocop:disable Gitlab/ModuleWithInstanceVariables
end

4
app/models/ci/bridge.rb
View File

@ -32,10 +32,8 @@ module Ci
state_machine :status do
after_transition [:created, :manual, :waiting_for_resource] => :pending do |bridge|
next unless bridge.triggers_downstream_pipeline?
bridge.run_after_commit do
::Ci::CreateDownstreamPipelineWorker.perform_async(bridge.id)
Ci::TriggerDownstreamPipelineService.new(bridge).execute # rubocop: disable CodeReuse/ServiceClass
end
end

3
app/models/concerns/enums/ci/commit_status.rb
View File

@ -41,7 +41,8 @@ module Enums
secrets_provider_not_found: 1_008,
reached_max_descendant_pipelines_depth: 1_009,
ip_restriction_failure: 1_010,
reached_max_pipeline_hierarchy_size: 1_011
reached_max_pipeline_hierarchy_size: 1_011,
reached_downstream_pipeline_trigger_rate_limit: 1_012
}
end
end

3
app/presenters/commit_status_presenter.rb
View File

@ -37,7 +37,8 @@ class CommitStatusPresenter < Gitlab::View::Presenter::Delegated
environment_creation_failure: 'This job could not be executed because it would create an environment with an invalid parameter.',
deployment_rejected: 'This deployment job was rejected.',
ip_restriction_failure: "This job could not be executed because group IP address restrictions are enabled, and the runner's IP address is not in the allowed range.",
failed_outdated_deployment_job: 'The deployment job is older than the latest deployment, and therefore failed.'
failed_outdated_deployment_job: 'The deployment job is older than the latest deployment, and therefore failed.',
reached_downstream_pipeline_trigger_rate_limit: 'Too many downstream pipelines triggered in the last minute. Try again later.'
}.freeze
TROUBLESHOOTING_DOC = {

61
app/services/ci/trigger_downstream_pipeline_service.rb Normal file
View File

@ -0,0 +1,61 @@
# frozen_string_literal: true
module Ci
# Enqueues the downstream pipeline worker.
class TriggerDownstreamPipelineService
# This is a temporary constant. It may be converted into an application setting
# in the future. See https://gitlab.com/gitlab-org/gitlab/-/issues/425941.
DOWNSTREAM_PIPELINE_TRIGGER_LIMIT_PER_PROJECT_USER_SHA = 50
def initialize(bridge)
@bridge = bridge
@current_user = bridge.user
@project = bridge.project
@pipeline = bridge.pipeline
end
def execute
unless bridge.triggers_downstream_pipeline?
return ServiceResponse.success(message: 'Does not trigger a downstream pipeline')
end
if rate_limit_throttled? && enforce_rate_limit?
bridge.drop!(:reached_downstream_pipeline_trigger_rate_limit)
return ServiceResponse.error(message: 'Reached downstream pipeline trigger rate limit')
end
CreateDownstreamPipelineWorker.perform_async(bridge.id)
ServiceResponse.success(message: 'Downstream pipeline enqueued')
end
private
attr_reader :bridge, :current_user, :project, :pipeline
def rate_limit_throttled?
scope = [project, current_user, pipeline.sha]
::Gitlab::ApplicationRateLimiter.throttled?(:downstream_pipeline_trigger, scope: scope).tap do |throttled|
create_throttled_log_entry if throttled
end
end
def create_throttled_log_entry
::Gitlab::AppJsonLogger.info(
class: self.class.name,
project_id: project.id,
current_user_id: current_user.id,
pipeline_sha: pipeline.sha,
subscription_plan: project.actual_plan_name,
downstream_type: bridge.triggers_child_pipeline? ? 'child' : 'multi-project',
message: 'Activated downstream pipeline trigger rate limit'
)
end
def enforce_rate_limit?
::Feature.enabled?(:ci_rate_limit_downstream_pipelines, project, type: :gitlab_com_derisk)
end
end
end

9
config/feature_flags/gitlab_com_derisk/ci_rate_limit_downstream_pipelines.yml Normal file
View File

@ -0,0 +1,9 @@
---
name: ci_rate_limit_downstream_pipelines
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/425941
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/142869
rollout_issue_url: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17471
milestone: '16.9'
group: group::pipeline authoring
type: gitlab_com_derisk
default_enabled: false

10
db/docs/scan_result_policy_violations.yml
View File

@ -7,4 +7,12 @@ feature_categories:
description: Stores scan result policy violations.
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/132254
milestone: '16.5'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

8
db/docs/security_orchestration_policy_configurations.yml
View File

@ -4,9 +4,11 @@ classes:
- Security::OrchestrationPolicyConfiguration
feature_categories:
- security_policy_management
description: |
Relates a Project/Namespace and Security Orchestration Policy Project, where Security
Policies are stored in the repository as a YAML file.
description: Relates a Project/Namespace and Security Orchestration Policy Project,
where Security Policies are stored in the repository as a YAML file.
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/53743
milestone: '13.9'
gitlab_schema: gitlab_main_cell
sharding_key:
project_id: projects
namespace_id: namespaces

13
db/docs/software_license_policies.yml
View File

@ -4,7 +4,16 @@ classes:
- SoftwareLicensePolicy
feature_categories:
- security_policy_management
description: Allows user to approve or deny the use certain software licenses in their project.
description: Allows user to approve or deny the use certain software licenses in their
project.
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/6246
milestone: '11.2'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

18
db/post_migrate/20240123120413_index_sbom_occurrences_on_project_id_component_version_id_and_input_file_path.rb Normal file
View File

@ -0,0 +1,18 @@
# frozen_string_literal: true
class IndexSbomOccurrencesOnProjectIdComponentVersionIdAndInputFilePath < Gitlab::Database::Migration[2.2]
INDEX_NAME = 'idx_sbom_occurr_on_project_component_version_input_file_path'
DROPPED_INDEX_NAME = 'index_sbom_occurrences_for_input_file_path_search'
disable_ddl_transaction!
milestone '16.9'
def up
remove_concurrent_index_by_name :sbom_occurrences, DROPPED_INDEX_NAME
add_concurrent_index :sbom_occurrences, %i[project_id component_version_id input_file_path], name: INDEX_NAME
end
def down
remove_concurrent_index_by_name :sbom_occurrences, INDEX_NAME
add_concurrent_index :sbom_occurrences, %i[project_id component_id input_file_path], name: DROPPED_INDEX_NAME
end
end

1
db/schema_migrations/20240123120413 Normal file
View File

@ -0,0 +1 @@
9b55d0889ab76a1bf64696bc1d356a99366912e1f5c3c689fd8a52d2134f7644

4
db/structure.sql
View File

@ -32463,6 +32463,8 @@ CREATE INDEX idx_repository_states_on_wiki_failure_partial ON project_repository
CREATE INDEX idx_repository_states_outdated_checksums ON project_repository_states USING btree (project_id) WHERE (((repository_verification_checksum IS NULL) AND (last_repository_verification_failure IS NULL)) OR ((wiki_verification_checksum IS NULL) AND (last_wiki_verification_failure IS NULL)));
CREATE INDEX idx_sbom_occurr_on_project_component_version_input_file_path ON sbom_occurrences USING btree (project_id, component_version_id, input_file_path);
CREATE INDEX idx_sbom_occurrences_on_project_id_and_source_id ON sbom_occurrences USING btree (project_id, source_id);
CREATE UNIQUE INDEX idx_sbom_source_packages_on_name_and_purl_type ON sbom_source_packages USING btree (name, purl_type);
@ -35325,8 +35327,6 @@ CREATE UNIQUE INDEX index_sbom_components_on_component_type_name_and_purl_type O
CREATE INDEX index_sbom_occurr_on_project_id_and_component_version_id_and_id ON sbom_occurrences USING btree (project_id, component_version_id, id);
CREATE INDEX index_sbom_occurrences_for_input_file_path_search ON sbom_occurrences USING btree (project_id, component_id, input_file_path);
CREATE INDEX index_sbom_occurrences_on_component_id_and_id ON sbom_occurrences USING btree (component_id, id);
CREATE INDEX index_sbom_occurrences_on_component_version_id ON sbom_occurrences USING btree (component_version_id);

2
doc/api/graphql/reference/index.md
View File

@ -17324,6 +17324,7 @@ Represents a product analytics dashboard visualization.
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="customizablepermissionavailablefor"></a>`availableFor` | [`[String!]!`](#string) | Objects the permission is available for. |
| <a id="customizablepermissionavailablefromaccesslevel"></a>`availableFromAccessLevel` | [`AccessLevel`](#accesslevel) | Access level from which the permission is available. |
| <a id="customizablepermissiondescription"></a>`description` | [`String`](#string) | Description of the permission. |
| <a id="customizablepermissionname"></a>`name` | [`String!`](#string) | Localized name of the permission. |
| <a id="customizablepermissionrequirements"></a>`requirements` | [`[MemberRolePermission!]`](#memberrolepermission) | Requirements of the permission. |
@ -29835,6 +29836,7 @@ Values for sorting inherited variables.
| <a id="cijobfailurereasonpipeline_loop_detected"></a>`PIPELINE_LOOP_DETECTED` | A job that failed due to pipeline loop detected. |
| <a id="cijobfailurereasonproject_deleted"></a>`PROJECT_DELETED` | A job that failed due to project deleted. |
| <a id="cijobfailurereasonprotected_environment_failure"></a>`PROTECTED_ENVIRONMENT_FAILURE` | A job that failed due to protected environment failure. |
| <a id="cijobfailurereasonreached_downstream_pipeline_trigger_rate_limit"></a>`REACHED_DOWNSTREAM_PIPELINE_TRIGGER_RATE_LIMIT` | A job that failed due to reached downstream pipeline trigger rate limit. |
| <a id="cijobfailurereasonreached_max_descendant_pipelines_depth"></a>`REACHED_MAX_DESCENDANT_PIPELINES_DEPTH` | A job that failed due to reached max descendant pipelines depth. |
| <a id="cijobfailurereasonreached_max_pipeline_hierarchy_size"></a>`REACHED_MAX_PIPELINE_HIERARCHY_SIZE` | A job that failed due to reached max pipeline hierarchy size. |
| <a id="cijobfailurereasonrunner_system_failure"></a>`RUNNER_SYSTEM_FAILURE` | A job that failed due to runner system failure. |

8
doc/api/integrations.md
View File

@ -832,9 +832,13 @@ Get the Google Chat integration settings for a project.
GET /projects/:id/integrations/hangouts-chat
```
## Google Cloud Artifact Registry **(SAAS BETA)**
## Google Cloud Artifact Registry
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/425066) in GitLab 16.9 as a [Beta](../policy/experiment-beta-support.md) feature [with a flag](../administration/feature_flags.md) named `gcp_artifact_registry`. Disabled by default.
DETAILS:
**Offering:** SaaS
**Status:** Beta
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/425066) in GitLab 16.9 as a [Beta](../policy/experiment-beta-support.md) feature [with a flag](../administration/feature_flags.md) named `gcp_artifact_registry`. Disabled by default.
FLAG:
On GitLab.com, this feature is not available. The feature is not ready for production use.

5
doc/development/permissions/custom_roles.md
View File

@ -191,6 +191,7 @@ security dashboard.
| `group_ability` | yes | Boolean value to indicate whether this ability is checked on group level. |
| `project_ability` | yes | Boolean value to whether this ability is checked on project level. |
| `requirements` | no | The list of custom permissions this ability is dependent on. For instance `admin_vulnerability` is dependent on `read_vulnerability`. If none, then enter `[]` |
| `available_from_access_level` | no | The access level from which this ability is available, if applicable. See the section on [understanding logic for individual abilities](#understanding-logic-for-individual-abilities) for help on determining the base access level for an ability. |
#### Step 2: Create a migration file
@ -258,7 +259,7 @@ end
before do
stub_licensed_features(custom_roles: true)
sign_in(user)
end
@ -292,7 +293,7 @@ end
include GraphqlHelpers
describe '#show' do
let(:mutation) { graphql_mutation(:my_mutation) }
let(:mutation) { graphql_mutation(:my_mutation) }
it_behaves_like 'a working graphql query'
end

41
doc/user/application_security/dast/browser/checks/1004.1.md Normal file
View File

@ -0,0 +1,41 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Sensitive cookie without HttpOnly attribute
## Description
The cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set.
To prevent JavaScript being able to access the cookie value - usually via `document.cookies` - all
cookies that are used for authorization should have the `HttpOnly` attribute
set.
## Remediation
Most web application frameworks allow configuring how cookies are sent to user-agents. Consult your framework's
documentation for more information on how to enable various security directives when assigning cookies to clients.
If the application is assigning cookies via writing to the response headers directly, ensure all responses include
the `HttpOnly` attribute. By enabling this protection, the application is able to mitigate the impact of
certain Cross-Site Scripting (XSS) attacks.
Example:
```http
Set-Cookie: {cookie_name}=<random secure value>; HttpOnly
```
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 1004.1 | false | 1004 | Passive | Low |
## Links
- [OWASP](https://owasp.org/www-community/HttpOnly)
- [CWE](https://cwe.mitre.org/data/definitions/1004.html)
- [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies)

27
doc/user/application_security/dast/browser/checks/113.1.md Normal file
View File

@ -0,0 +1,27 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Improper Neutralization of CRLF Sequences in HTTP Headers
## Description
By inserting Carriage Return / Line Feed (CRLF) characters, malicious users could potentially inject arbitrary data into HTTP responses. By modifying HTTP responses, attackers could conduct cross-site scripting or cache poisoning attacks against other users of the system.
## Remediation
User input should never be used in constructing HTTP header responses without some form
of validation against newlines. This includes URLs supplied by the user for HTTP redirects.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 113.1 | false | 113 | Active | high |
## Links
- [OWASP](https://owasp.org/www-community/attacks/HTTP_Response_Splitting)
- [CWE](https://cwe.mitre.org/data/definitions/113.html)

33
doc/user/application_security/dast/browser/checks/16.1.md Normal file
View File

@ -0,0 +1,33 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Missing Content-Type header
## Description
The `Content-Type` header ensures that user agents correctly interpret the data being received. Without this header
being sent, the browser may misinterpret the data, leading to MIME confusion attacks. If an attacker were able
to upload files that are accessible by using a browser, they could upload files that may be interpreted as
HTML and so execute Cross-Site Scripting (XSS) attacks.
## Remediation
Ensure all resources return a proper `Content-Type` header that matches their format. As an example,
when returning JavaScript files, the response header should be: `Content-Type: application/javascript`
For added protection, we recommend that all resources return the `X-Content-Type-Options: nosniff`
header to disable user agents from mis-interpreting resources.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.1 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/)

30
doc/user/application_security/dast/browser/checks/16.10.md Normal file
View File

@ -0,0 +1,30 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Content-Security-Policy violations
## Description
A `Content-Security-Policy` (CSP) was identified on the target site that is reporting violations when
attempting to load the page in a browser. This may cause disruption to your users when attempting to visit the page.
## Remediation
Review the violations to determine if any action is necessary.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.10 | true | 16 | Passive | Info |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)

44
doc/user/application_security/dast/browser/checks/16.2.md Normal file
View File

@ -0,0 +1,44 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Server header exposes version information
## Description
The target website returns the `Server` header and version information of this website. By
exposing these values, attackers may attempt to identify if the target software is vulnerable to known
vulnerabilities, or catalog known sites running particular versions to exploit in the future when a
vulnerability is identified in the particular version.
## Remediation
We recommend that the version information be removed from the `Server` header.
Apache:
For Apache based web sites, set the `ServerTokens` to `Prod` in the `httpd.conf` configuration file.
NGINX:
For NGINX based websites, set the `server_tokens` configuration value to `off` in the `nginx.conf` file.
IIS:
For IIS based websites version 10 and above you can use the `removeServerHeader` element to the `requestFiltering`
section of the `Web.config` file.
For all other server types, please consult your product's documentation on how to redact the version information from
the `Server` header.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.2 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [Apache ServerTokens](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/)
- [NGINX `server_tokens`](https://nginx.org/en/docs/http/ngx_http_core_module.html#server_tokens)
- [IIS 10 Remove Server Header](https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/#attributes)

35
doc/user/application_security/dast/browser/checks/16.3.md Normal file
View File

@ -0,0 +1,35 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# X-Powered-By header exposes version information
## Description
The target website returns the `X-Powered-By` header and version information of this website. By
exposing these values, attackers may attempt to identify if the target software is vulnerable to known
vulnerabilities, or catalog known sites running particular versions to exploit in the future when a
vulnerability is identified in the particular version.
## Remediation
We recommend that the version information be removed from the `X-Powered-By` header.
PHP:
For PHP based web sites, set the `expose_php` option to `off` in the `php.ini` configuration file.
For all other server types, please consult your product's documentation on how to redact the version
information from the `X-Powered-By` header.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.3 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [PHP `expose_php`](https://www.php.net/manual/en/ini.core.php#ini.expose-php)

28
doc/user/application_security/dast/browser/checks/16.4.md Normal file
View File

@ -0,0 +1,28 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# X-Backend-Server header exposes server information
## Description
The target website returns the `X-Backend-Server` header which includes potentially internal/hidden IP addresses
or hostnames. By exposing these values, attackers may attempt to circumvent security proxies and access these
hosts directly.
## Remediation
Consult your proxy/load balancer documentation or provider on how to disable revealing the
`X-Backend-Server` header value.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.4 | true | 16 | Passive | Info |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)

30
doc/user/application_security/dast/browser/checks/16.5.md Normal file
View File

@ -0,0 +1,30 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# AspNet header exposes version information
## Description
The target website returns AspNet headers and version information of this website. By
exposing these values attackers may attempt to identify if the target software is vulnerable to known
vulnerabilities, or catalog known sites running particular versions to exploit in the future when a
vulnerability is identified in the particular version.
## Remediation
To remove the `X-AspNet-Version` header set `<httpRuntime enableVersionHeader="false" />` in the `<system.Web>`
section of the `Web.config` file.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.5 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710)

37
doc/user/application_security/dast/browser/checks/16.6.md Normal file
View File

@ -0,0 +1,37 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# AspNetMvc header exposes version information
## Description
The target website returns AspNet headers along with version information of this website. By
exposing these values attackers may attempt to identify if the target software is vulnerable to known
vulnerabilities. Or catalog known sites running particular versions to exploit in the future when a
vulnerability is identified in the particular version.
## Remediation
To remove the `X-AspNetMvc-Version` information set `MvcHandler.DisableMvcResponseHeader = true;` in the
`Global.asax.cs` file in the `Application_Start()` method.
```cs
protected void Application_Start()
{
MvcHandler.DisableMvcResponseHeader = true;
}
```
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.6 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710)

41
doc/user/application_security/dast/browser/checks/16.7.md Normal file
View File

@ -0,0 +1,41 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Strict-Transport-Security header missing or invalid
## Description
The `Strict-Transport-Security` header was found to be missing or invalid. The `Strict-Transport-Security`
header allows web site operators to force communications to occur over a TLS connection. By enabling this
header, websites can protect their users from various forms of network eavesdropping or interception attacks.
While most browsers prevent mixed-content (loading resources from HTTP when navigating from an HTTPS site),
this header also ensures that all resource requests are only ever initiated over a secure transport.
## Remediation
Only three directives are applicable for the `Strict-Transport-Security` header.
1. `max-age`: This required directive specifies how long (in seconds) after receiving the response it should communicate only over a secure transport.
1. `includeSubDomains`: This optional, valueless directive signals that the policy applies to this host as well as any subdomains found under this host's domain.
1. `preload`: While not part of the specification, setting this optional value allows major browser organizations to add this site into the browser's preloaded set of HTTPS sites. This requires further action on behalf of the website operator to submit their domain to the browser's HSTS preload list. See [hstspreload.org](https://hstspreload.org/) for more information.
Note that invalid directives, or the `Strict-Transport-Security` header appearing more than once (if the values are
different) is considered invalid.
Prior to adding to this security configuration to your website, it is recommended you review the hstspreload.org [Deployment Recommendations](https://hstspreload.org/#deployment-recommendations).
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.7 | true | 16 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [Deployment Recommendations](https://hstspreload.org/#deployment-recommendations)
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html)
- [RFC](https://datatracker.ietf.org/doc/html/rfc6797)

31
doc/user/application_security/dast/browser/checks/16.8.md Normal file
View File

@ -0,0 +1,31 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Content-Security-Policy analysis
## Description
A missing or invalid `Content-Security-Policy` (CSP) was identified on the target site. CSP can aid in
hardening a website against various client side attacks such as Cross-Site Scripting (XSS).
## Remediation
If the target site is missing a CSP, please investigate the relevant URLs for enabling CSP. Otherwise,
follow the recommendations to determine if any actions are necessary.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.8 | true | 16 | Passive | Info |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)

32
doc/user/application_security/dast/browser/checks/16.9.md Normal file
View File

@ -0,0 +1,32 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Content-Security-Policy-Report-Only analysis
## Description
A `Content-Security-Policy-Report-Only` (CSPRO) was identified on the target site. CSP-Report-Only headers
aid in determining how to implement a `Content-Security-Policy` that does not disrupt normal use of the target
site.
## Remediation
Follow the recommendations to determine if any actions are necessary to harden this `Content-Security-Policy-Report-Only`.
After all alerts have been resolved, we recommend that this header be changed to `Content-Security-Policy`.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 16.9 | true | 16 | Passive | Info |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)

30
doc/user/application_security/dast/browser/checks/200.1.md Normal file
View File

@ -0,0 +1,30 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of sensitive information to an unauthorized actor (private IP address)
## Description
A private RFC 1918/RFC 4193 address was identified in the target application. Public facing websites should not be issuing
requests to private IP Addresses. Attackers attempting to execute subsequent attacks, such as Server-Side
Request Forgery (SSRF), may be able to use this information to identify additional internal targets.
## Remediation
Identify the resource that is incorrectly specifying an internal IP address and replace it with it's public
facing version, or remove the reference from the target application.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 200.1 | true | 200 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/200.html)
- [RFC](https://datatracker.ietf.org/doc/html/rfc1918)
- [RFC](https://datatracker.ietf.org/doc/html/rfc4193)

43
doc/user/application_security/dast/browser/checks/209.1.md Normal file
View File

@ -0,0 +1,43 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Generation of error message containing sensitive information
## Description
The application was found to return error data such as stack traces. Depending on the data contained within the error message,
this information could be used by an attacker to conduct further attacks. While stack traces are helpful during development
and debugging, they should not be presented to users when an error occurs.
## Remediation
Applications should handle exception conditions internally and map known failure types to error codes that can be displayed
to a user. These error codes should be customized to the application and returned along with the relevant HTTP error code.
When an error occurs, the application identifies the error type or class, and displays a numerical value to the
user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID.
Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to
determine the root cause of the error without leaking details to the end user.
Example of returning customized errors:
```plaintext
HTTP/1.1 500 Internal Server Error
...
Error [0004] Occurred, please contact support or re-try your request again shortly.
Request ID [a4bc91def12]
...
```
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 209.1 | false | 209 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/209.html)

43
doc/user/application_security/dast/browser/checks/209.2.md Normal file
View File

@ -0,0 +1,43 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Generation of database error message containing sensitive information
## Description
The application was found to return database error messages. Determining the type of database may assist attackers in exploiting
SQL Injection attacks against the system. While debug messages are helpful during development and debugging, they should not be
presented to users when an error occurs.
## Remediation
Applications should handle database error conditions internally and map known failure types to error codes that can be displayed
to a user. These error codes should be customized to the application and returned along with the relevant HTTP error code.
When an error occurs, the application identifies the error type or class, and displays a numerical value to the
user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID.
Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to
determine the root cause of the error without leaking details to the end user.
Example of returning customized errors:
```plaintext
HTTP/1.1 500 Internal Server Error
...
Error [0004] Occurred, please contact support or re-try your request again shortly.
Request ID [a4bc91def12]
...
```
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 209.2 | false | 209 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/209.html)

38
doc/user/application_security/dast/browser/checks/22.1.md Normal file
View File

@ -0,0 +1,38 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Improper limitation of a pathname to a restricted directory (Path traversal)
## Description
The vulnerability can be exploited by inserting a payload into a
parameter on the URL endpoint which allows for reading arbitrary files.
This could be used to read sensitive files, access other users data, or aid in
exploitation to gain further system access.
## Remediation
User input should never be used in constructing paths or files for interacting
with the filesystem. This includes filenames supplied by user uploads or downloads.
If possible, consider hashing the filenames and reference the hashed filenames in
a database or datastore instead of directly attempting to access filenames provided
by users or other system components.
In the rare cases that the application must work with filenames, use the language
provided functionality to extract only the filename part of the supplied value.
Never attempt to use the path or directory information that comes from user input.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 22.1 | false | 22 | Active | high |
## Links
- [OWASP](https://owasp.org/www-community/attacks/Path_Traversal)
- [CWE](https://cwe.mitre.org/data/definitions/22.html)

33
doc/user/application_security/dast/browser/checks/287.1.md Normal file
View File

@ -0,0 +1,33 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Insecure authentication over HTTP (Basic Authentication)
## Description
The target application was found to authenticate users using the Basic Authentication scheme over HTTP.
Basic Authentication base64 encodes the username and password and sends it in the `Authentication` header.
Attackers who are in between the communication path (or on the same local network) of the client and server
could use packet sniffers to read and decode the username and password.
## Remediation
If possible, switch to a more robust method to authenticate users such as OAuth 2.0, or storing usernames
and passwords in a data store protected by the Argon2id algorithm. If Basic Authentication must be used,
ensure credentials are only transmitted over secure channels such as HTTPS/TLS.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 287.1 | false | 287 | Passive | Medium |
## Links
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
- [OAuth 2.0](https://oauth.net/2/)
- [CWE-287](https://cwe.mitre.org/data/definitions/287.html)
- [RFC](https://datatracker.ietf.org/doc/html/rfc7617)

35
doc/user/application_security/dast/browser/checks/287.2.md Normal file
View File

@ -0,0 +1,35 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Insecure authentication over HTTP (Digest Authentication)
## Description
The target application was found to authenticate users using the Digest Authentication scheme over HTTP.
Digest Authentication uses an insecure hashing algorithm (MD5) to hash the username and password and sends
it in the `Authentication` header. Attackers who are in between the communication path (or on the same
local network) of the client and server could use packet sniffers to modify the server's response parameters
to downgrade the security of the digest access authentication mode. Additionally, the server stores the
hashed credentials, usually in a file called `.htpasswd`. Tools are readily available to crack these passwords.
## Remediation
If possible, switch to a more robust method to authenticate users such as OAuth 2.0, or storing usernames
and passwords in a data store protected by the Argon2id algorithm. If Digest Authentication must be used,
ensure credentials are only transmitted over secure channels such as HTTPS/TLS.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 287.2 | false | 287 | Passive | Low |
## Links
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
- [OAuth 2.0](https://oauth.net/2/)
- [CWE-287](https://cwe.mitre.org/data/definitions/287.html)
- [RFC](https://datatracker.ietf.org/doc/html/rfc2069)

37
doc/user/application_security/dast/browser/checks/319.1.md Normal file
View File

@ -0,0 +1,37 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Mixed Content
## Description
The target application was found to request resources over insecure transport protocols (HTTP). This is usually due to HTML
elements which load resources using the `http://` scheme instead of `https://`. It should be noted that most modern browsers
block these requests automatically so there is limited risk.
Some parts of the application may not behave correctly since these files are not being properly loaded.
## Remediation
Ensure all HTML elements which load resources from a URL (JavaScript, stylesheets, images, video and other media) are set to
use the `https://` scheme instead of `http://`. Alternatively, developers may use the `//` scheme, which will only load resources
over the same protocol that the originating page was loaded.
A browser visiting the website `https://example.com` with the HTML loading a file using
`<script src="//example.com/cdn/bundle.js"></script>`, would ensure the `example.com/cdn/bundle.js` file was loaded over
HTTPS.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 319.1 | true | 319 | Passive | Info |
## Links
- [OWASP](https://owasp.org/www-community/vulnerabilities/Insecure_Transport)
- [CWE](https://cwe.mitre.org/data/definitions/319.html)
- [MDN](https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content)

41
doc/user/application_security/dast/browser/checks/352.1.md Normal file
View File

@ -0,0 +1,41 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Absence of anti-CSRF tokens
## Description
The application failed to protect against Cross-Site Request Forgery (CSRF) by using
secure application tokens or `SameSite` cookie directives.
The vulnerability can be exploited by an attacker creating a link or form on a third
party site and tricking an authenticated victim to access them.
## Remediation
Consider setting all session cookies to have the `SameSite=Strict` attribute. However,
it should be noted that this may impact usability when sharing links across other mediums.
It is recommended that a two cookie based approach is taken, as outlined in the
[Top level navigations](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-08#section-8.8.2) section
of the RFC.
If the application is using a common framework, there is a chance that Anti-CSRF protection
is built in but needs to be enabled. Consult your application framework documentation for
details.
If neither of the above are applicable, it is **strongly** recommended that a third party library is used.
Implementing a secure Anti-CSRF system is a significant investment and difficult to do correctly.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 352.1 | true | 352 | Passive | Medium |
## Links
- [OWASP](https://owasp.org/www-community/attacks/csrf)
- [CWE](https://cwe.mitre.org/data/definitions/352.html)

34
doc/user/application_security/dast/browser/checks/359.1.md Normal file
View File

@ -0,0 +1,34 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of Private Personal Information (PII) to an unauthorized actor (credit card)
## Description
The target application was found to return credit card information in the response. Organizations
found returning such information may be in violation of industry regulations and could face fines.
## Remediation
PII such as credit cards should never be directly returned to the user. The majority of the information should masked except
the last few digits or characters of the identifier. For example, credit card numbers should
only return the last four digits: `****-****-****-1234`. Ensure this masking is done on the server
and only then send the masked data back to the client. Do not rely on client side JavaScript or other methods
to mask these values as the data could still be intercepted or unmasked.
Additionally, credit card information should never be stored un-encrypted in files or databases.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 359.1 | true | 359 | Passive | Medium |
## Links
- [OWASP Top 10 A3 2017 - Sensitive Data Exposure](https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure)
- [CWE](https://cwe.mitre.org/data/definitions/359.html)
- [PCI-DSS](https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf)

34
doc/user/application_security/dast/browser/checks/359.2.md Normal file
View File

@ -0,0 +1,34 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of Private Personal Information (PII) to an unauthorized actor (United States social security number)
## Description
The target application was found to return social security number (SSN) information in the response. Organizations
found returning such information may be in violation of (United States) state or federal laws and may face stiff penalties.
## Remediation
PII such as social security numbers should never be directly returned to the user. The majority of the information
should masked except the last few digits or characters of the identifier. For example, social security numbers
only be displayed with the last four digits: `***-**-1234`. Ensure this masking is done on the server
and only then send the masked data back to the client. Do not rely on client side JavaScript or other methods
to mask these values as the data could still be intercepted or unmasked.
Additionally, social security numbers should never be stored un-encrypted in files or databases.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 359.2 | true | 359 | Passive | Medium |
## Links
- [OWASP Top 10 A3 2017 - Sensitive Data Exposure](https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure)
- [CWE](https://cwe.mitre.org/data/definitions/359.html)
- [Privacy Act (CMPPA)](https://www.ssa.gov/dataexchange/privacyinfo.html)

45
doc/user/application_security/dast/browser/checks/548.1.md Normal file
View File

@ -0,0 +1,45 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of information through directory listing
## Description
The target web server is configured to list the contents of directories that do not contain an index file
such as `index.html`. This could lead to accidental exposure of sensitive information, or give an attacker
details on how filenames and directories are structured and stored.
## Remediation
Directory indexing should be disabled.
Apache:
For Apache based web sites, ensure all `<Directory>` definitions have `Options -Indexes` configured in the
`apache2.conf` or `httpd.conf` configuration file.
NGINX:
For NGINX based websites, ensure all `location` definitions have the `autoindex off` directive set in the
`nginx.conf` file.
IIS:
For IIS based websites version 7.0 and above you can use the `<directoryBrowse enabled="false" />` element
in the `applicationHost.config` or `Web.config` files.
For all other server types, please consult your product's documentation on how to disable directory
indexing.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 548.1 | false | 548 | Passive | Low |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/548.html)
- [Apache Options](https://httpd.apache.org/docs/2.4/mod/core.html#options)
- [NGINX `autoindex`](https://nginx.org/en/docs/http/ngx_http_autoindex_module.html)
- [IIS `directoryBrowse` element](https://learn.microsoft.com/en-us/iis/configuration/system.webserver/directorybrowse)

31
doc/user/application_security/dast/browser/checks/598.1.md Normal file
View File

@ -0,0 +1,31 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use of GET request method with sensitive query strings (session ID)
## Description
A session ID was identified in the request URL as well as a cookie value. Session
IDs should not be sent in GET requests as they maybe captured by proxy systems, stored in
browser history, or stored in log files. If an attacker were to get access to the session
ID they would potentially be able to gain access to the target account.
## Remediation
As request headers are rarely logged or captured by third party systems, ensure session ID
values are only sent in cookies (assigned via `Set-Cookie` response headers) and never sent
in the request URL.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 598.1 | true | 598 | Passive | Medium |
## Links
- [OWASP](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
- [CWE](https://cwe.mitre.org/data/definitions/598.html)

30
doc/user/application_security/dast/browser/checks/598.2.md Normal file
View File

@ -0,0 +1,30 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use of GET request method with sensitive query strings (password)
## Description
The user's password was identified in the request URL. Passwords should never be sent in GET
requests as they maybe captured by proxy systems, stored in browser history, or stored in
log files. If an attacker were to get access to these logs or logging systems, they would
be able to gain access to the target account.
## Remediation
Passwords should never be sent in GET requests. When authenticating users or requesting users
reset their passwords, always use `POST` requests to transmit sensitive data.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 598.2 | true | 598 | Passive | Medium |
## Links
- [OWASP](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
- [CWE](https://cwe.mitre.org/data/definitions/598.html)

31
doc/user/application_security/dast/browser/checks/598.3.md Normal file
View File

@ -0,0 +1,31 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use of GET request method with sensitive query strings (Authorization header details)
## Description
The authorization header value was identified in the request URL. These headers typically contain
usernames and passwords or JWT tokens. These values should never be sent in GET requests as they
maybe captured by proxy systems, stored in browser history, or stored in log files. If an attacker
were to get access to these logs or logging systems, they would be able to gain access to the
target account.
## Remediation
Authorization header details should never be sent in GET requests. When transmitting sensitive information
such as JWT tokens, always use `POST` requests or headers to transmit the sensitive data.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 598.3 | true | 598 | Passive | Medium |
## Links
- [OWASP](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
- [CWE](https://cwe.mitre.org/data/definitions/598.html)

34
doc/user/application_security/dast/browser/checks/601.1.md Normal file
View File

@ -0,0 +1,34 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# URL redirection to untrusted site ('open redirect')
## Description
This site was found to allow open redirects from user supplied input. Open redirects are commonly
abused in phishing attacks where the original domain or URL looks like a legitimate link, but then
redirects a user to a malicious site. An example would be
`https://example.com/redirect?url=https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e` which,
when decoded turns into `bad.com/fakelogin`.
## Remediation
Never redirect a client based on user input found in a `GET` request. It is recommended that the list
of target links to redirect a user to are contained server side, and retrieved using a numerical value
as an index to return the link to be redirected to. For example, `/redirect?id=1` would cause the
application to look up the `1` index and return a URL such as `https://example.com`. This URL would
then be used to redirect the user, using the 301 response code and `Location` header.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 601.1 | true | 601 | Passive | Low |
## Links
- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)
- [CWE](https://cwe.mitre.org/data/definitions/601.html)

31
doc/user/application_security/dast/browser/checks/611.1.md Normal file
View File

@ -0,0 +1,31 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# External XML Entity Injection (XXE)
## Description
It is possible to cause the application's XML parser to include external resources.
This can include files or in some circumstances initiate requests to third party
servers.
## Remediation
Consult the documentation for the XML Parser used by the target application for security
guidelines and hardening steps. It is recommended that all XML parsers disable external
entity resolution and XML `xinclude` features. Most XML parsers based on `libxml` can also be
configured to disable network access.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 611.1 | false | 611 | Active | high |
## Links
- [OWASP](https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing)
- [CWE](https://cwe.mitre.org/data/definitions/611.html)

40
doc/user/application_security/dast/browser/checks/614.1.md Normal file
View File

@ -0,0 +1,40 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Sensitive cookie without Secure attribute
## Description
The cookie was transmitted in a `Set-Cookie` response without the `Secure` attribute set.
To prevent sensitive cookie values being accidentally transmitted over clear-text HTTP we
recommended that cookies are declared with the `Secure` attribute.
## Remediation
Most web application frameworks allow configuring how cookies are sent to user agents. Consult your framework's
documentation for more information on how to enable various security attributes when assigning cookies to clients.
If the application is assigning cookies via writing to the response headers directly, ensure all responses include
the `Secure` attribute. By enabling this protection, the application will no longer send sensitive cookies over
HTTP.
Example:
```http
Set-Cookie: {cookie_name}=<random secure value>; Secure
```
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 614.1 | false | 614 | Passive | Low |
## Links
- [OWASP](https://owasp.org/www-community/controls/SecureCookieAttribute)
- [CWE](https://cwe.mitre.org/data/definitions/614.html)
- [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies)

36
doc/user/application_security/dast/browser/checks/693.1.md Normal file
View File

@ -0,0 +1,36 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Missing X-Content-Type-Options: nosniff
## Description
The `X-Content-Type-Options` header with the value `nosniff` ensures that user agents do not attempt to
guess the format of the data being received. User Agents such as browsers, commonly attempt to guess
what the resource type being requested is, through a process called MIME type sniffing.
Without this header being sent, the browser may misinterpret the data, leading to MIME confusion attacks.
If an attacker were able to upload files that are accessible by using a browser, they could upload files
that could be interpreted as HTML and execute Cross-Site Scripting (XSS) attacks.
## Remediation
We recommend that the header and value of `X-Content-Type-Options: nosniff` be set server wide.
This ensures any resources that are mistakenly missing a `Content-Type` value are not
misinterpreted.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 693.1 | true | 693 | Passive | Low |
## Links
- [OWASP](https://owasp.org/www-project-secure-headers/#x-content-type-options)
- [CWE](https://cwe.mitre.org/data/definitions/693.html)
- [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/)
- [Mozilla MDN on X-Content-Type-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)

26
doc/user/application_security/dast/browser/checks/798.1.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Adafruit API Key
## Description
The response body contains content that matches the pattern of a Adafruit API Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.1 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.10.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Asana Client Secret
## Description
The response body contains content that matches the pattern of a Asana Client Secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.10 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.100.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Sendbird Access Token
## Description
The response body contains content that matches the pattern of a Sendbird Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.100 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.101.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token SendGrid API token
## Description
The response body contains content that matches the pattern of a SendGrid API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.101 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.102.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Sendinblue API token
## Description
The response body contains content that matches the pattern of a Sendinblue API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.102 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.103.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Sentry Access Token
## Description
The response body contains content that matches the pattern of a Sentry Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.103 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.104.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Shippo API token
## Description
The response body contains content that matches the pattern of a Shippo API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.104 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.105.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Shopify access token
## Description
The response body contains content that matches the pattern of a Shopify access token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.105 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.106.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Shopify custom access token
## Description
The response body contains content that matches the pattern of a Shopify custom access token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.106 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.107.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Shopify private app access token
## Description
The response body contains content that matches the pattern of a Shopify private app access token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.107 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.108.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Shopify shared secret
## Description
The response body contains content that matches the pattern of a Shopify shared secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.108 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.109.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Slack token
## Description
The response body contains content that matches the pattern of a Slack token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.109 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.11.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Atlassian API token
## Description
The response body contains content that matches the pattern of a Atlassian API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.11 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.110.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Slack Webhook
## Description
The response body contains content that matches the pattern of a Slack Webhook.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.110 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.111.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Stripe
## Description
The response body contains content that matches the pattern of a Stripe.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.111 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.112.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Square Access Token
## Description
The response body contains content that matches the pattern of a Square Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.112 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.113.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Squarespace Access Token
## Description
The response body contains content that matches the pattern of a Squarespace Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.113 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.114.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token SumoLogic Access ID
## Description
The response body contains content that matches the pattern of a SumoLogic Access ID.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.114 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.115.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token SumoLogic Access Token
## Description
The response body contains content that matches the pattern of a SumoLogic Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.115 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.116.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Travis CI Access Token
## Description
The response body contains content that matches the pattern of a Travis CI Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.116 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.117.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twilio API Key
## Description
The response body contains content that matches the pattern of a Twilio API Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.117 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.118.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitch API token
## Description
The response body contains content that matches the pattern of a Twitch API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.118 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.119.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitter API Key
## Description
The response body contains content that matches the pattern of a Twitter API Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.119 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.12.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token AWS
## Description
The response body contains content that matches the pattern of a AWS.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.12 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.120.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitter API Secret
## Description
The response body contains content that matches the pattern of a Twitter API Secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.120 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.121.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitter Access Token
## Description
The response body contains content that matches the pattern of a Twitter Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.121 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.122.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitter Access Secret
## Description
The response body contains content that matches the pattern of a Twitter Access Secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.122 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.123.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Twitter Bearer Token
## Description
The response body contains content that matches the pattern of a Twitter Bearer Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.123 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.124.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Typeform API token
## Description
The response body contains content that matches the pattern of a Typeform API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.124 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.125.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Yandex API Key
## Description
The response body contains content that matches the pattern of a Yandex API Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.125 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.126.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Yandex AWS Access Token
## Description
The response body contains content that matches the pattern of a Yandex AWS Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.126 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.127.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Yandex Access Token
## Description
The response body contains content that matches the pattern of a Yandex Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.127 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.128.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Zendesk Secret Key
## Description
The response body contains content that matches the pattern of a Zendesk Secret Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.128 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.13.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Bitbucket Client ID
## Description
The response body contains content that matches the pattern of a Bitbucket Client ID.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.13 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.14.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Bitbucket Client Secret
## Description
The response body contains content that matches the pattern of a Bitbucket Client Secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.14 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.15.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Bittrex Access Key
## Description
The response body contains content that matches the pattern of a Bittrex Access Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.15 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.16.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Bittrex Secret Key
## Description
The response body contains content that matches the pattern of a Bittrex Secret Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.16 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.17.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Beamer API token
## Description
The response body contains content that matches the pattern of a Beamer API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.17 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.18.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Codecov Access Token
## Description
The response body contains content that matches the pattern of a Codecov Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.18 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.19.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Coinbase Access Token
## Description
The response body contains content that matches the pattern of a Coinbase Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.19 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.2.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Adobe Client ID (OAuth Web)
## Description
The response body contains content that matches the pattern of a Adobe Client ID (OAuth Web).
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.2 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.20.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Clojars API token
## Description
The response body contains content that matches the pattern of a Clojars API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.20 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.21.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Confluent Access Token
## Description
The response body contains content that matches the pattern of a Confluent Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.21 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.22.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Confluent Secret Key
## Description
The response body contains content that matches the pattern of a Confluent Secret Key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.22 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.23.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Contentful delivery API token
## Description
The response body contains content that matches the pattern of a Contentful delivery API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.23 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.24.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Databricks API token
## Description
The response body contains content that matches the pattern of a Databricks API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.24 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.25.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Datadog Access Token
## Description
The response body contains content that matches the pattern of a Datadog Access Token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.25 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.26.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Discord API key
## Description
The response body contains content that matches the pattern of a Discord API key.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.26 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.27.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Discord client ID
## Description
The response body contains content that matches the pattern of a Discord client ID.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.27 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.28.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Discord client secret
## Description
The response body contains content that matches the pattern of a Discord client secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.28 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.29.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Doppler API token
## Description
The response body contains content that matches the pattern of a Doppler API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.29 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.3.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Adobe Client Secret
## Description
The response body contains content that matches the pattern of a Adobe Client Secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.3 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.30.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Dropbox API secret
## Description
The response body contains content that matches the pattern of a Dropbox API secret.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.30 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.31.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Dropbox long lived API token
## Description
The response body contains content that matches the pattern of a Dropbox long lived API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.31 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

26
doc/user/application_security/dast/browser/checks/798.32.md Normal file
View File

@ -0,0 +1,26 @@
---
stage: Secure
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Exposure of confidential secret or token Dropbox short lived API token
## Description
The response body contains content that matches the pattern of a Dropbox short lived API token.
Exposing this value could allow attackers to gain access to all resources granted by this token.
## Remediation
Review the response body content and remove any exposed values.
## Details
| ID | Aggregated | CWE | Type | Risk |
|:---|:--------|:--------|:--------|:--------|
| 798.32 | false | 798 | Passive | High |
## Links
- [CWE](https://cwe.mitre.org/data/definitions/798.html)

Some files were not shown because too many files have changed in this diff Show More