ZAP – Verification Request Identified

Details
Alert ID	10113
Alert Type	Passive
Status	beta
Risk	Informational
CWE
WASC
Technologies Targeted	All
Tags

Summary

The given request has been identified as a good candidate for authentication verification. If the request is in a context which has a Verification Strategy set to “Poll” but where the URL is empty then this rule will fill in the correct values.

Solution

This is an informational alert rather than a vulnerability and so there is nothing to fix.

Other Info

References

https://www.zaproxy.org/docs/desktop/addons/authentication-helper/verification-id/

Code

org/zaproxy/addon/authhelper/VerificationDetectionScanRule.java