DAST browser-based crawler vulnerability checks

The DAST browser-based crawler provides a number of vulnerability checks that are used to scan for vulnerabilities in the site under test.

ID Check Severity Type
1004.1 Sensitive cookie without HttpOnly attribute Low Passive
16.1 Missing Content-Type header Low Passive
16.2 Server header exposes version information Low Passive
16.3 X-Powered-By header exposes version information Low Passive
16.4 X-Backend-Server header exposes server information Info Passive
16.5 AspNet header exposes version information Low Passive
16.6 AspNetMvc header exposes version information Low Passive
16.7 Strict-Transport-Security header missing or invalid Low Passive
200.1 Exposure of sensitive information to an unauthorized actor (private IP address) Low Passive
209.1 Generation of error message containing sensitive information Low Passive
319.1 Mixed Content Info Passive
352.1 Absence of anti-CSRF tokens Medium Passive
359.1 Exposure of Private Personal Information (PII) to an unauthorized actor (credit card) Medium Passive
359.2 Exposure of Private Personal Information (PII) to an unauthorized actor (United States social security number) Medium Passive
548.1 Exposure of information through directory listing Low Passive
598.1 Use of GET request method with sensitive query strings (session ID) Medium Passive
598.2 Use of GET request method with sensitive query strings (password) Medium Passive
598.3 Use of GET request method with sensitive query strings (Authorization header details) Medium Passive
601.1 URL redirection to untrusted site (‘open redirect’) Low Passive
614.1 Sensitive cookie without Secure attribute Low Passive
693.1 Missing X-Content-Type-Options: nosniff Low Passive
829.1 Inclusion of Functionality from Untrusted Control Sphere Low Passive
829.2 Invalid Sub-Resource Integrity values detected Medium Passive