playwright-exposed-chrome-devtools
playwright-exposed-chrome-devtools
Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection
playwright-setcontent-injection
playwright-setcontent-injection
If unverified user data can reach the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
setContent
method it can result in Server-Side Request Forgery vulnerabilitiesLikelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
playwright-addinitscript-code-injection
playwright-addinitscript-code-injection
If unverified user data can reach the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
addInitScript
method it can result in Server-Side Request Forgery vulnerabilitiesLikelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
playwright-evaluate-code-injection
playwright-evaluate-code-injection
If unverified user data can reach the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
evaluate
method it can result in Server-Side Request Forgery vulnerabilitiesLikelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
playwright-goto-injection
playwright-goto-injection
If unverified user data can reach the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
goto
method it can result in Server-Side Request Forgery vulnerabilitiesLikelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
playwright-evaluate-arg-injection
playwright-evaluate-arg-injection
If unverified user data can reach the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
evaluate
method it can result in Server-Side Request Forgery vulnerabilitiesLikelihood: LOW
Confidence: LOW
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)