Findings

app.example.com · scan #SC-001

Validated and evidence-backed vulnerabilities discovered during autonomous testing.

| Finding | Severity | Status | Evidence | Chains | Age |
|---|---|---|---|---|---|
| SQL Injection · Injection · /api/v1/login | CRITICAL | Validated | 5 pairs | 2 chains | 2h ago |
| Insecure Direct Object Reference · IDOR · /api/v1/users/{id} | HIGH | Exploitable | 3 pairs | 1 chain | 2h ago |
| Broken Authentication · Auth · /api/v1/sessions | CRITICAL | Validated | 4 pairs | 2 chains | 3h ago |
| Sensitive Data Exposure · Data · /api/v1/profile | HIGH | Exploitable | 2 pairs | | 3h ago |
| Cross-Site Request Forgery · CSRF · /api/v1/settings/update | MEDIUM | Validated | 3 pairs | 1 chain | 4h ago |
| Verbose Error Messages · Info Disclosure · /api/v1/* | LOW | Informational | 1 pair | | 4h ago |
| Open Redirect · Redirect · /redirect?url= | MEDIUM | In Progress | 2 pairs | | 5h ago |
| JWT Algorithm Confusion · CVE-2022-21449 · Auth · /api/v1/auth/verify | CRITICAL | Exploitable | 3 pairs | 1 chain | 5h ago |
| Server-Side Request Forgery · SSRF · /api/v1/fetch | HIGH | In Progress | 2 pairs | 1 chain | 6h ago |
| Missing Rate Limiting · DoS · /api/v1/login | MEDIUM | Informational | 1 pair | | 6h ago |
10 of 10 findings shown