rspec/rules/S6363/see.adoc

== See

* OWASP - https://owasp.org/Top10/A01_2021-Broken_Access_Control/[Top 10 2021 Category A1 - Broken Access Control]
* OWASP - https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure[Top 10 2017 Category A3 - Sensitive Data Exposure]
* OWASP - https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration[Top 10 2017 Category A6 - Security Misconfiguration]
* OWASP - https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration[Mobile Top 10 2024 Category M8 - Security Misconfiguration]
* OWASP - https://mas.owasp.org/checklists/MASVS-PLATFORM/[Mobile AppSec Verification Standard - Platform Interaction Requirements]
* CWE - https://cwe.mitre.org/data/definitions/79[CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]
* Android Documentation - https://developer.android.com/privacy-and-security/risks/webview-unsafe-file-inclusion[WebViews - Unsafe File Inclusion]
Create rule S6363[java]: Enabling file access for WebViews is security-sensitive (#461) 2021-10-12 15:38:05 +02:00			`== See`

Update rule S7201: Disable rule and move rule text to S6363 (SONARKT-636) (#4802) * Close S7201 * Update S6363 with updated descriptions * Update OWASP categories with S7201 info 2025-03-26 11:57:39 +01:00			`* OWASP - https://owasp.org/Top10/A01_2021-Broken_Access_Control/[Top 10 2021 Category A1 - Broken Access Control]`
			`* OWASP - https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure[Top 10 2017 Category A3 - Sensitive Data Exposure]`
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes 2024-01-15 17:15:56 +01:00			`* OWASP - https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration[Top 10 2017 Category A6 - Security Misconfiguration]`
Update security rules: add OWASP Mobile Top 10 2024 security standard (APPSEC-2383) (#4660) 2025-02-19 17:19:00 +01:00			`* OWASP - https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration[Mobile Top 10 2024 Category M8 - Security Misconfiguration]`
Update rule S7201: Disable rule and move rule text to S6363 (SONARKT-636) (#4802) * Close S7201 * Update S6363 with updated descriptions * Update OWASP categories with S7201 info 2025-03-26 11:57:39 +01:00			`* OWASP - https://mas.owasp.org/checklists/MASVS-PLATFORM/[Mobile AppSec Verification Standard - Platform Interaction Requirements]`
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes 2024-01-15 17:15:56 +01:00			`* CWE - https://cwe.mitre.org/data/definitions/79[CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]`
Update rule S7201: Disable rule and move rule text to S6363 (SONARKT-636) (#4802) * Close S7201 * Update S6363 with updated descriptions * Update OWASP categories with S7201 info 2025-03-26 11:57:39 +01:00			`* Android Documentation - https://developer.android.com/privacy-and-security/risks/webview-unsafe-file-inclusion[WebViews - Unsafe File Inclusion]`