microsimulation / ijm

A central place for general issues, documents, scripts and resources for the IJM
https://microsimulation.org/ijm/
MIT License
4 stars 1 forks source link

Test OWASP Top-10 Security related risks #64

Closed astrajescu closed 4 years ago

astrajescu commented 4 years ago

Run tests related to OWASP Top-10 security risks, where applicable.

olegderid commented 4 years ago

vulnerability: Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.

vulnerability: No Anti-CSRF tokens were found in a HTML submission form. A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim.

Tool used: https://www.zaproxy.org/