# Configuration: File Upload Endpoint Detected

Identifier: `file_upload_detected`
## Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
## Description
File upload endpoints accept binary or document payloads from clients and represent a high-leverage attack surface (CWE-434, CWE-22, CWE-94, CWE-79). Cataloguing every detected endpoint lets customers audit which surfaces are exposed and which downstream active checks were run against them.
**How we test:** We classify endpoints from three independent sources: (a) observed traffic with a `multipart/form-data` Content-Type and a `filename=` part header, (b) API request templates, including GraphQL multipart spec requests with an `operations` / `map` shape, and (c) JavaScript source containing `FormData`, `<input type="file">`, `apollo-upload-client`, `react-dropzone`, `tus-js-client`, `@uppy/core`, or `filepond` imports. Endpoints discovered from observed traffic are profiled to produce a structured description; JS-only endpoints use deterministic evidence and are not actively probed.
References:
- https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
- https://cwe.mitre.org/data/definitions/434.html
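As an added illustration of the three evidence sources described above (example code, not the scanner's own implementation), the following Python classifier applies them to constructed sample inputs: a REST multipart upload, a GraphQL multipart request with `operations` / `map` parts, a multipart form with no file part, a plain JSON request, and a JavaScript snippet importing `apollo-upload-client`. All function names, the `Classification` record and the sample payloads are assumptions made for this example; JS-only hits are recorded as not actively probed, matching the behaviour described above.

```python
"""Classify upload endpoints from the three evidence sources named above.

Added example, not the scanner's own code. Function names, the Classification
record and all sample payloads are constructed for illustration.
"""
import re
from dataclasses import dataclass, field

# Evidence source (c): upload-related DOM markers and client libraries in JS source.
JS_UPLOAD_MARKERS = (
    "FormData", '<input type="file"', "apollo-upload-client",
    "react-dropzone", "tus-js-client", "@uppy/core", "filepond",
)


@dataclass
class Classification:
    is_upload: bool
    source: str                      # "traffic", "graphql-multipart", "js-source" or "none"
    evidence: list = field(default_factory=list)
    actively_probed: bool = False    # JS-only hits are inventoried, never probed


def _multipart_boundary(content_type: str):
    """Return the boundary token if the Content-Type is multipart/form-data, else None."""
    m = re.match(r'\s*multipart/form-data\s*;.*?boundary="?([^";]+)"?', content_type, re.I)
    return m.group(1) if m else None


def classify_request(headers: dict, body: bytes) -> Classification:
    """Evidence sources (a) and (b): an observed request with its raw body."""
    ctype = next((v for k, v in headers.items() if k.lower() == "content-type"), "")
    boundary = _multipart_boundary(ctype)
    if boundary is None:
        return Classification(False, "none")
    names, filenames = [], []
    # Each part begins with "--<boundary>"; its headers end at the first blank line.
    for part in body.split(b"--" + boundary.encode()):
        head = part.partition(b"\r\n\r\n")[0]
        disp = re.search(rb"Content-Disposition:[^\r\n]*", head, re.I)
        if not disp:
            continue
        # Negative lookbehind keeps 'filename="..."' from being read as the part name.
        name = re.search(rb'(?<!file)name="([^"]*)"', disp.group(0), re.I)
        fname = re.search(rb'filename="([^"]*)"', disp.group(0), re.I)
        if name:
            names.append(name.group(1).decode())
        if fname:
            filenames.append(fname.group(1).decode())
    # (b) GraphQL multipart request spec: an "operations" part plus a "map" part
    #     that routes numbered file parts into query variables.
    if "operations" in names and "map" in names:
        return Classification(True, "graphql-multipart", ["operations", "map"] + filenames, True)
    # (a) Plain multipart traffic: any part carrying a filename= header.
    if filenames:
        return Classification(True, "traffic", ["filename=" + f for f in filenames], True)
    return Classification(False, "none")


def classify_js_source(src: str) -> Classification:
    """Evidence source (c): deterministic string evidence; never probed."""
    hits = [m for m in JS_UPLOAD_MARKERS if m in src]
    return Classification(bool(hits), "js-source" if hits else "none", hits, False)


# ---- constructed sample inputs (not captured traffic) ---------------------
BOUNDARY = "----ExampleBoundary7MA4YWxk"
MULTIPART_HEADERS = {"Content-Type": f"multipart/form-data; boundary={BOUNDARY}"}


def build_multipart(parts):
    """Assemble a body from (disposition, extra_header_lines, payload) tuples."""
    out = bytearray()
    for disp, extra, payload in parts:
        out += f"--{BOUNDARY}\r\nContent-Disposition: form-data; {disp}\r\n".encode()
        out += "".join(h + "\r\n" for h in extra).encode()
        out += b"\r\n" + payload + b"\r\n"
    out += f"--{BOUNDARY}--\r\n".encode()
    return bytes(out)


SAMPLE_REST_UPLOAD = build_multipart([
    ('name="avatar"; filename="me.png"', ["Content-Type: image/png"], b"\x89PNG...."),
])
SAMPLE_FORM_NO_FILE = build_multipart([('name="comment"', [], b"just text")])
SAMPLE_GQL_UPLOAD = build_multipart([
    ('name="operations"', [],
     b'{"query":"mutation($f: Upload!){ upload(file:$f){ id } }","variables":{"f":null}}'),
    ('name="map"', [], b'{"0":["variables.f"]}'),
    ('name="0"; filename="report.pdf"', ["Content-Type: application/pdf"], b"%PDF-1.4 ..."),
])
SAMPLE_JS = 'import { createUploadLink } from "apollo-upload-client";\nconst fd = new FormData();'

if __name__ == "__main__":
    for label, hdrs, body in [("rest", MULTIPART_HEADERS, SAMPLE_REST_UPLOAD),
                              ("form", MULTIPART_HEADERS, SAMPLE_FORM_NO_FILE),
                              ("graphql", MULTIPART_HEADERS, SAMPLE_GQL_UPLOAD),
                              ("json", {"Content-Type": "application/json"}, b'{"a":1}')]:
        print(label, classify_request(hdrs, body))
    print("js", classify_js_source(SAMPLE_JS))
```

The GraphQL case is checked before the plain-traffic case because a GraphQL multipart request also carries a `filename=` part; reporting it as `graphql-multipart` keeps the inventory precise about which request shape the endpoint actually speaks.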
## Configuration

### Example

Example configuration:

### Reference

#### skip

Type: `boolean`

Skip the test if `true`.