Tag: configuration

Insecure CORS policy

Cross-origin resource sharing policies that are too permissive could lead to security vulnerabilities.

Session fixation

Session fixation might allow an attacker to steal authenticated session IDs.

Server side request forgery

Insufficient sanitization of potentially untrusted URLs on the server side can allow server requests to unwanted destinations.

Cross-site request forgery

Insecure configuration can lead to a cross-site request forgery (CSRF) vulnerability.

Protection mechanism failure

A disabled or incorrectly used protection mechanism can lead to security vulnerabilities.