Home/Alerts/Alert detail/

User Agent Fuzzer

Risk:
Informational

Type:
Active

Summary: Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.

References: https://owasp.org/wstg

Latest Security News

Beware: PayPal "New Address" feature abused to send phishing emails

Fake CS2 tournament streams used to steal crypto, Steam accounts

Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack

OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns

Google Chrome disables uBlock Origin for some in Manifest v3 rollout

SpyLend Android malware downloaded 100,000 times from Google Play

Hacker steals record $1.46 billion from Bybit ETH cold wallet

Apple Drops iCloud's Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumMissing Anti-clickjacking Header

InformationalInformation Disclosure - Suspicious Comments

MediumAbsence of Anti-CSRF Tokens

MediumContent Security Policy (CSP) Header Not Set

LowCross-Domain JavaScript Source File Inclusion

HighPII Disclosure

InformationalModern Web Application

LowX-Content-Type-Options Header Missing

Latest CVE List

CVE-2025-24989 Microsoft Power Pages Improper Access Control Vulnerability

CVE-2025-23209 Craft CMS Code Injection Vulnerability

CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability

CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability

CVE-2025-0108 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CVE-2024-57727 SimpleHelp Path Traversal Vulnerability

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2025-24200 Apple iOS and iPadOS Incorrect Authorization Vulnerability

CVE-2025-21391 Microsoft Windows Storage Link Following Vulnerability

CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

Top CWE List

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-693 Protection Mechanism Failure

CWE-201 Insertion of Sensitive Information Into Sent Data

CWE-581 Object Model Violation: Just One of Equals and Hashcode Defined

CWE-1426 Improper Validation of Generative AI Output

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

CWE-284 Improper Access Control

CWE-1193 Power-On of Untrusted Execution Core Before Enabling Fabric Access Control

CWE-1044 Architecture with Number of Horizontal Layers Outside of Expected Range

Free online web security scanner

Don't show website scan report rating on the leaderboard