| Details | |
|---|---|
| Alert ID | 10115-1 |
| Alert Type | Passive |
| Status | release |
| Risk | High |
| CWE | 829 |
| WASC | 15 |
| Technologies Targeted | All |
| Tags |
CWE-829 OWASP_2017_A09 OWASP_2021_A06 |
| More Info |
Scan Rule Help |
Summary
The page includes one or more script files loaded from one of the ‘polyfill’ domains. These are not associated with the polyfill.js library and are known to serve malicious content.
Solution
Change all scripts to use a known good source based on their documentation.Other Info
References
- https://sansec.io/research/polyfill-supply-chain-attack
- https://x.com/triblondon/status/1761852117579427975