{
"poor_physical_security": { "1.1": "other" }, "social_engineering": { "1.1": "other" }, "unvalidated_redirects_and_forwards.open_redirect.get_based_all_users": { "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based" }, "unvalidated_redirects_and_forwards.open_redirect.get_based_authenticated": { "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based" }, "unvalidated_redirects_and_forwards.open_redirect.get_based_unauthenticated": { "1.2": "unvalidated_redirects_and_forwards.open_redirect.get_based" }, "broken_authentication_and_session_management.session_token_in_url.over_https": { "1.2": "sensitive_data_exposure.sensitive_token_in_url" }, "broken_authentication_and_session_management.session_token_in_url.over_http": { "1.2": "sensitive_data_exposure.sensitive_token_in_url" }, "broken_authentication_and_session_management.session_token_in_url": { "1.2": "sensitive_data_exposure.sensitive_token_in_url" }, "insecure_data_transport": { "1.2": "mobile_security_misconfiguration" }, "insecure_data_transport.ssl_certificate_pinning": { "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning" }, "insecure_data_transport.ssl_certificate_pinning.absent": { "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning.absent" }, "insecure_data_transport.ssl_certificate_pinning.defeatable": { "1.2": "mobile_security_misconfiguration.ssl_certificate_pinning.defeatable" }, "insecure_data_storage.credentials_stored_unencrypted": { "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted" }, "insecure_data_storage.credentials_stored_unencrypted.on_external_storage": { "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_external_storage" }, "insecure_data_storage.credentials_stored_unencrypted.on_internal_storage": { "1.2": "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_internal_storage" }, "insufficient_security_configurability.weak_password_policy.complexity_both_length_and_char_type_not_enforced": { "1.2": "insufficient_security_configurability.weak_password_policy.no_password_policy" }, "missing_function_level_access_control": { "1.3": "broken_access_control" }, "missing_function_level_access_control.server_side_request_forgery_ssrf": { "1.3": "broken_access_control.server_side_request_forgery_ssrf" }, "missing_function_level_access_control.server_side_request_forgery_ssrf.internal": { "1.3": "broken_access_control.server_side_request_forgery_ssrf.internal" }, "missing_function_level_access_control.server_side_request_forgery_ssrf.external": { "1.3": "broken_access_control.server_side_request_forgery_ssrf.external" }, "missing_function_level_access_control.username_enumeration": { "1.3": "broken_access_control.username_enumeration" }, "missing_function_level_access_control.username_enumeration.data_leak": { "1.3": "broken_access_control.username_enumeration.data_leak" }, "missing_function_level_access_control.exposed_sensitive_android_intent": { "1.3": "broken_access_control.exposed_sensitive_android_intent" }, "missing_function_level_access_control.exposed_sensitive_ios_url_scheme": { "1.3": "broken_access_control.exposed_sensitive_ios_url_scheme" }, "insecure_direct_object_references_idor": { "1.3": "broken_access_control.idor" }
}