Closed jaleelsyed closed 2 years ago
Project : adsfasdf
Job : adsf
Env : Default
Category : RBAC
Tags : [OWASP - OTG-IDENT-001 , FX Top 10 - API Vulnerability, Endpoint_Access_Control]
Severity : Major
Region : local
Result : fail
Status Code : 500
Headers : {}
Endpoint : http://18.144.38.115:8090/example/v1/hotels
Request : { "city" : "North Benjamin", "description" : "DuPg5Ri4", "id" : "", "name" : "DuPg5Ri4", "rating" : "1957492949" }
Response : Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"
Logs : 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : URL [http://18.144.38.115:8090/example/v1/hotels] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Method [POST] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Request [{ "city" : "North Benjamin", "description" : "DuPg5Ri4", "id" : "", "name" : "DuPg5Ri4", "rating" : "1957492949" }] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Request-Headers [{Content-Type=[application/xml, application/json], Accept=[application/xml, application/json]}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Response [Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Response-Headers [{}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : StatusCode [500] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Time [12] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Size [115] 2019-02-18 04:57:07 ERROR [ExampleV1HotelsPostRolePmDisallowedRbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]
--- FX Bot ---
Project : adsfasdf
Job : adsf
Env : Default
Category : RBAC
Tags : [OWASP - OTG-IDENT-001 , FX Top 10 - API Vulnerability, Endpoint_Access_Control]
Severity : Major
Region : local
Result : fail
Status Code : 500
Headers : {}
Endpoint : http://18.144.38.115:8090/example/v1/hotels
Request :
{ "city" : "North Benjamin", "description" : "DuPg5Ri4", "id" : "", "name" : "DuPg5Ri4", "rating" : "1957492949" }
Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"
Logs :
2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : URL [http://18.144.38.115:8090/example/v1/hotels] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Method [POST] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Request [{ "city" : "North Benjamin", "description" : "DuPg5Ri4", "id" : "", "name" : "DuPg5Ri4", "rating" : "1957492949" }] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Request-Headers [{Content-Type=[application/xml, application/json], Accept=[application/xml, application/json]}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Response [Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Response-Headers [{}] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : StatusCode [500] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Time [12] 2019-02-18 04:57:07 DEBUG [ExampleV1HotelsPostRolePmDisallowedRbac] : Size [115] 2019-02-18 04:57:07 ERROR [ExampleV1HotelsPostRolePmDisallowedRbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]
--- FX Bot ---