Authentication Request Identified

Risk:
Informational

Type:
Passive

Summary: The given request has been identified as an authentication request. The ‘Other Info’ field contains a set of key=value lines which identify any relevant fields. If the request is in a context which has an Authentication Method set to “Auto-Detect” then this rule will change the authentication to match the request identified.

Solution: This is an informational alert rather than a vulnerability and so there is nothing to fix.

Other info: userParam=username userValue=test passwordParam=password

References: https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/

Free security scan for your website

Don't show website scan report rating on the leaderboard