CodeSent Rules - Comprehensive API Security & Static Analysis

AccessControl AssignMessage JSONThreatProtection

Name	Severity	Scopes	Tags	Links
Bypassing AccessControl policy via True-Client-IP header	Critical	AccessControl	Data Validation	CWE-290
AssignMessage request parameters pollution	High	AssignMessage	Data Validation	CWE-20
Use of weak hash algorithms	High	AssignMessage HMAC JavaScript	Secure Configuration	CWE-327
AccessControl allows all IPs	Medium	AccessControl	Data Validation	CWE-290
Insecure JSONThreatProtection policy	Medium	JSONThreatProtection	Code Quality Data Validation	CWE-770 CWE-20