Add latest changes from gitlab-org/gitlab@master

3 files changed, 50 insertions, 6 deletions

diff --git a/doc/user/application_security/dast/checks/209.2.md b/doc/user/application_security/dast/checks/209.2.md
new file mode 100644
index 00000000000..ed990f2c4b2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/209.2.md
@@ -0,0 +1,43 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Generation of database error message containing sensitive information
+
+## Description
+
+The application was found to return database error messages. Determining the type of database may assist attackers in exploiting
+SQL Injection attacks against the system. While debug messages are helpful during development and debugging, they should not be 
+presented to users when an error occurs. 
+
+## Remediation
+
+Applications should handle database error conditions internally and map known failure types to error codes that can be displayed
+to a user. These error codes should be customized to the application and returned along with the relevant HTTP error code.
+
+When an error occurs, the application identifies the error type or class, and displays a numerical value to the 
+user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID. 
+Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to 
+determine the root cause of the error without leaking details to the end user.
+
+Example of returning customized errors:
+
+```plaintext
+HTTP/1.1 500 Internal Server Error
+...
+Error [0004] Occurred, please contact support or re-try your request again shortly.
+Request ID [a4bc91def12]
+...
+```
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 209.2 | false | 209 | Passive | Low |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/209.html)
diff --git a/doc/user/application_security/dast/checks/319.1.md b/doc/user/application_security/dast/checks/319.1.md
index d598fb70ce3..7eed0104809 100644
--- a/doc/user/application_security/dast/checks/319.1.md
+++ b/doc/user/application_security/dast/checks/319.1.md
@@ -9,19 +9,19 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 ## Description
 
 The target application was found to request resources over insecure transport protocols (HTTP). This is usually due to HTML
-elements which load resources using the `http://` scheme instead of `https://`. It should be noted that most modern browsers
-block these requests automatically so there is limited risk.
+elements which load resources using the `http://` scheme instead of `https://`. It should be noted that most modern browsers 
+block these requests automatically so there is limited risk. 
 
 Some parts of the application may not behave correctly since these files are not being properly loaded.
 
 ## Remediation
 
-Ensure all HTML elements which load resources from a URL (JavaScript, stylesheets, images, video and other media) are set to
+Ensure all HTML elements which load resources from a URL (JavaScript, stylesheets, images, video and other media) are set to 
 use the `https://` scheme instead of `http://`. Alternatively, developers may use the `//` scheme, which will only load resources
-over the same protocol that the originating page was loaded.
+over the same protocol that the originating page was loaded. 
 
-A browser visiting the website `https://example.com` with the HTML loading a file using
-`<script src="//example.com/cdn/bundle.js"></script>`, would ensure the `example.com/cdn/bundle.js` file was loaded over
+A browser visiting the website `https://example.com` with the HTML loading a file using 
+`<script src="//example.com/cdn/bundle.js"></script>`, would ensure the `example.com/cdn/bundle.js` file was loaded over 
 HTTPS.
 
 ## Details
diff --git a/doc/user/application_security/dast/checks/index.md b/doc/user/application_security/dast/checks/index.md
index c6d5f874047..a90c85abb4a 100644
--- a/doc/user/application_security/dast/checks/index.md
+++ b/doc/user/application_security/dast/checks/index.md
@@ -23,6 +23,7 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
 | [16.9](16.9.md) | Content-Security-Policy-Report-Only analysis | Info | Passive |
 | [200.1](200.1.md) | Exposure of sensitive information to an unauthorized actor (private IP address) | Low | Passive |
 | [209.1](209.1.md) | Generation of error message containing sensitive information | Low | Passive |
+| [209.2](209.2.md) | Generation of database error message containing sensitive information | Low | Passive |
 | [319.1](319.1.md) | Mixed Content | Info | Passive |
 | [352.1](352.1.md) | Absence of anti-CSRF tokens | Medium | Passive |
 | [359.1](359.1.md) | Exposure of Private Personal Information (PII) to an unauthorized actor (credit card) | Medium | Passive |