Standards Reference: Deep Link Vulnerabilities

OWASP Mobile Top 10 2024

| ID | Risk | Deep Link Relevance |
|----|------|---------------------|
| M4 | Insufficient Input/Output Validation | Injection via deep link parameters |
| M8 | Security Misconfiguration | Unverified App Links, missing scheme validation |

OWASP MASVS v2.0 - MASVS-PLATFORM

| Control | Test |
|---------|------|
| MASVS-PLATFORM-1 | App validates deep link parameters before processing |
| MASVS-PLATFORM-2 | App does not expose sensitive functionality via URL schemes |

CWE Mappings

| CWE | Title | Attack Vector |
|-----|-------|---------------|
| CWE-939 | Improper Authorization in Handler for Custom URL Scheme | Scheme hijacking |
| CWE-940 | Improper Verification of Source in URL Scheme Handler | Missing origin validation |
| CWE-79 | Cross-site Scripting | JavaScript injection via WebView deep links |
| CWE-601 | URL Redirection to Untrusted Site | Open redirect via URL parameter |