From 6f5ad902e2d82932e7284270b1e6f43304df7be2 Mon Sep 17 00:00:00 2001 From: Fredrik Robertsen Date: Thu, 5 Feb 2026 13:57:16 +0100 Subject: [PATCH] Update vulnerabilities.md --- vulnerabilities.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vulnerabilities.md b/vulnerabilities.md index d77a882..11ecb43 100644 --- a/vulnerabilities.md +++ b/vulnerabilities.md @@ -69,8 +69,8 @@ Note: The `Status` column can be set for values similar to "Pass", "Fail", "N/A" | WSTG-SESS-10 | Testing JSON Web Tokens | | | | WSTG-SESS-11 | Testing for Concurrent Sessions | | | | **WSTG-INPV** | **Input Validation Testing** | | | -| WSTG-INPV-01 | Testing for Reflected Cross Site Scripting | | | -| WSTG-INPV-02 | Testing for Stored Cross Site Scripting | | | +| WSTG-INPV-01 | Testing for Reflected Cross Site Scripting | yes | | +| WSTG-INPV-02 | Testing for Stored Cross Site Scripting | yes | | | WSTG-INPV-03 | Testing for HTTP Verb Tampering | | | | WSTG-INPV-04 | Testing for HTTP Parameter pollution | | | | WSTG-INPV-05 | Testing for SQL Injection | | | @@ -109,9 +109,9 @@ Note: The `Status` column can be set for values similar to "Pass", "Fail", "N/A" | WSTG-BUSL-09 | Test Upload of Malicious Files | | | | WSTG-BUSL-10 | Test Payment Functionality | | | | **WSTG-CLIENT** | **Client-side Testing** | | | -| WSTG-CLNT-01 | Testing for DOM Based Cross Site Scripting | | | -| WSTG-CLNT-02 | Testing for JavaScript Execution | | | -| WSTG-CLNT-03 | Testing for HTML Injection | | | +| WSTG-CLNT-01 | Testing for DOM Based Cross Site Scripting | yes | | +| WSTG-CLNT-02 | Testing for JavaScript Execution | yes | | +| WSTG-CLNT-03 | Testing for HTML Injection | yes | | | WSTG-CLNT-04 | Testing for Client-Side URL Redirect | | | | WSTG-CLNT-05 | Testing for CSS Injection | | | | WSTG-CLNT-06 | Testing for Client-Side Resource Manipulation | | |