Skip to content
/ zap-extensions Public
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: zaproxy/zap-extensions
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: cb67b5d058269cc2698a7a65091cc1871476b1dd
Choose a base ref
..
head repository: zaproxy/zap-extensions
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: ac0cded477b2407c3688e9222e3e85baba7fea53
Choose a head ref
Showing with 1 addition and 0 deletions.
  1. +1 −0 ...lesBeta/src/main/resources/org/zaproxy/zap/extension/ascanrulesBeta/resources/Messages.properties
1 change: 1 addition & 0 deletions ...src/main/resources/org/zaproxy/zap/extension/ascanrulesBeta/resources/Messages.properties
View file
Original file line number Diff line number Diff line change
@@ -125,6 +125,7 @@ ascanbeta.noanticsrftokens.name = Absence of Anti-CSRF Tokens
ascanbeta.oobxss.name = Out of Band XSS
ascanbeta.oobxss.skipped = no Active Scan OAST service is selected.

ascanbeta.proxydisclosure.attack = TRACE, OPTIONS methods with 'Max-Forwards' header. TRACK method.
ascanbeta.proxydisclosure.desc = {0} proxy server(s) were detected or fingerprinted. This information helps a potential attacker to determine\n- A list of targets for an attack against the application.\n - Potential vulnerabilities on the proxy servers that service the application.\n - The presence or absence of any proxy-based components that might cause attacks against the application to be detected, prevented, or mitigated.
ascanbeta.proxydisclosure.extrainfo.proxyserver = - {0}
ascanbeta.proxydisclosure.extrainfo.proxyserver.header = Using the TRACE, OPTIONS, and TRACK methods, the following proxy servers have been identified between ZAP and the application/web server: