System Information Leak: External - http://zero.webappsecurity.com:80/testing/ (#238) · Issues · Administrator / ticket

System Information Leak: External - http://zero.webappsecurity.com:80/testing/

Created by: armorcodegithubapp[bot]

Category: System Information Leak: External Scan Type: Dynamic CheckType: Info Abstract: A URL or filename was found in the comments of the file.
Request: GET /testing/ HTTP/1.1 Referer: http://zero.webappsecurity.com:80/ User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Accept: / Pragma: no-cache Host: zero.webappsecurity.com X-Scan-Memo: Category="Audit"; Function="createStateRequestFromAttackDefinition"; SID="74AC7190EB0DD42B270214C7DD7706B5"; PSID="3B5C6D4258EDE9E2520272F502F91B6B"; SessionType="AuditAttack"; CrawlType="None"; AttackType="Server"; OriginatingEngineID="ae34b422-6357-4aca-8fe7-7e449e14c9b7"; AttackSequence="0"; AttackParamDesc=""; AttackParamIndex="0"; AttackParamSubIndex="0"; CheckId="10217"; Engine="Directory+Enumeration"; Retry="False"; SmartMode="NonServerSpecificOnly"; ThreadId="39"; ThreadType="AuditDBReaderSessionDrivenAudit"; Connection: Keep-Alive Cookie: CustomCookie=WebInspect69383ZXB3FCEA2CCD6849B0A63D3EFF65615601Y3637;status=yes;username=;userid=;sessionid=;ASPSESSIONIDCARBTACT=IFDJMBECGEEOKNHHINEAFONF;state=

File Path: //zero.webappsecurity.com:0

https://app.armorcode.com/#/findings/64698310

Knowledge Base: Man in the Middle (MITM) Attack:https://app.armorcode.com/#/knowledgeBase/45