Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/user/application_security/dast/checks/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/user/application_security/dast/checks/index.md')
-rw-r--r--doc/user/application_security/dast/checks/index.md8
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/user/application_security/dast/checks/index.md b/doc/user/application_security/dast/checks/index.md
index 58a21e608c8..0a4b16aaa1d 100644
--- a/doc/user/application_security/dast/checks/index.md
+++ b/doc/user/application_security/dast/checks/index.md
@@ -1,7 +1,7 @@
---
stage: Secure
group: Dynamic Analysis
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# DAST browser-based crawler vulnerability checks **(ULTIMATE)**
@@ -168,12 +168,18 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
| ID | Check | Severity | Type |
|:---|:------|:---------|:-----|
| [113.1](113.1.md) | Improper Neutralization of CRLF Sequences in HTTP Headers | High | Active |
+| [1336.1](1336.1.md) | Server-Side Template Injection | High | Active |
+| [16.11](16.11.md) | TRACE HTTP method enabled | High | Active |
| [22.1](22.1.md) | Improper limitation of a pathname to a restricted directory (Path traversal) | High | Active |
| [611.1](611.1.md) | External XML Entity Injection (XXE) | High | Active |
+| [74.1](74.1.md) | XSLT Injection | High | Active |
+| [78.1](78.1.md) | OS Command Injection | High | Active |
| [89.1](89.1.md) | SQL Injection | High | Active |
| [917.1](917.1.md) | Expression Language Injection | High | Active |
+| [918.1](918.1.md) | Server-Side Request Forgery | High | Active |
| [94.1](94.1.md) | Server-side code injection (PHP) | High | Active |
| [94.2](94.2.md) | Server-side code injection (Ruby) | High | Active |
| [94.3](94.3.md) | Server-side code injection (Python) | High | Active |
| [94.4](94.4.md) | Server-side code injection (NodeJS) | High | Active |
| [943.1](943.1.md) | Improper neutralization of special elements in data query logic | High | Active |
+| [98.1](98.1.md) | PHP Remote File Inclusion | High | Active |
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 19:32:41 +0300