diff --git a/addons/index.html b/addons/index.html index 03fb373195..fbf165decb 100644 --- a/addons/index.html +++ b/addons/index.html @@ -180,7 +180,7 @@

ZAP Marketplace

Repository - Download + Download @@ -193,7 +193,7 @@

ZAP Marketplace

ascanrules - 75 + 77 release @@ -202,7 +202,7 @@

ZAP Marketplace

ZAP Dev Team - 2025-11-04 + 2025-12-05 diff --git a/alerttags/cve-2025-55182/index.html b/alerttags/cve-2025-55182/index.html new file mode 100644 index 0000000000..dee6e58aad --- /dev/null +++ b/alerttags/cve-2025-55182/index.html @@ -0,0 +1,213 @@ + + + + + + + + + + ZAP – CVE-2025-55182 + + + + + + + + + + + + + + + +
+
+
+
+
+ +
+
+ +
+ Download +
+ +
+ +
+
+ + +
+
+ +

Alert Tag: CVE-2025-55182

+ +
+
+
+
+ Alert Tags > + + CVE-2025-55182 + +
+ + + + + +

https://nvd.nist.gov/vuln/detail/CVE-2025-55182

+ + All of the alerts which use this tag: + + +
+ + + + + + + + + + + + + + + + +
TagLink
Remote Code Execution (React2Shell)
+
+
+ +
+ + + + + + +
+ + diff --git a/alerttags/cve-2025-55182/index.xml b/alerttags/cve-2025-55182/index.xml new file mode 100644 index 0000000000..2d07af91a9 --- /dev/null +++ b/alerttags/cve-2025-55182/index.xml @@ -0,0 +1,18 @@ + + + + CVE-2025-55182 on ZAP + /alerttags/cve-2025-55182/ + Recent content in CVE-2025-55182 on ZAP + Hugo + en-us + + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + + + diff --git a/alerttags/cve-2025-66478/index.html b/alerttags/cve-2025-66478/index.html new file mode 100644 index 0000000000..36e763bd99 --- /dev/null +++ b/alerttags/cve-2025-66478/index.html @@ -0,0 +1,213 @@ + + + + + + + + + + ZAP – CVE-2025-66478 + + + + + + + + + + + + + + + +
+
+
+
+
+ +
+
+ +
+ Download +
+ +
+ +
+
+ + +
+
+ +

Alert Tag: CVE-2025-66478

+ +
+
+
+
+ Alert Tags > + + CVE-2025-66478 + +
+ + + + + +

https://nvd.nist.gov/vuln/detail/CVE-2025-66478

+ + All of the alerts which use this tag: + + +
+ + + + + + + + + + + + + + + + +
TagLink
Remote Code Execution (React2Shell)
+
+
+ +
+ + + + + + +
+ + diff --git a/alerttags/cve-2025-66478/index.xml b/alerttags/cve-2025-66478/index.xml new file mode 100644 index 0000000000..5f0d4cd919 --- /dev/null +++ b/alerttags/cve-2025-66478/index.xml @@ -0,0 +1,18 @@ + + + + CVE-2025-66478 on ZAP + /alerttags/cve-2025-66478/ + Recent content in CVE-2025-66478 on ZAP + Hugo + en-us + + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + + + diff --git a/alerttags/cwe-78/index.html b/alerttags/cwe-78/index.html index 4f917488a9..2add95a8a0 100644 --- a/alerttags/cwe-78/index.html +++ b/alerttags/cwe-78/index.html @@ -157,6 +157,12 @@

https://cwe.mitre.o + + Remote Code Execution (React2Shell) + + + + Remote OS Command Injection diff --git a/alerttags/cwe-78/index.xml b/alerttags/cwe-78/index.xml index 6bf6645b6b..ab5ced5eac 100644 --- a/alerttags/cwe-78/index.xml +++ b/alerttags/cwe-78/index.xml @@ -21,6 +21,13 @@ /docs/alerts/10048-2/ <p>The server is running a version of the Bash shell that allows remote attackers to execute arbitrary code.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote OS Command Injection /docs/alerts/90020/ diff --git a/alerttags/hipaa/index.html b/alerttags/hipaa/index.html index 1f3f0885ea..4013872f0c 100644 --- a/alerttags/hipaa/index.html +++ b/alerttags/hipaa/index.html @@ -271,6 +271,12 @@

Remote Code Execution (React2Shell) + + + + Remote OS Command Injection diff --git a/alerttags/hipaa/index.xml b/alerttags/hipaa/index.xml index 6507dd7c6d..3992a83af1 100644 --- a/alerttags/hipaa/index.xml +++ b/alerttags/hipaa/index.xml @@ -154,6 +154,13 @@ /docs/alerts/6-5/ <p>The Path Traversal attack technique allows an attacker access to files, directories, and commands that potentially reside outside the web document root directory. An attacker may manipulate a URL in such a way that the web site will execute or reveal the contents of arbitrary files anywhere on the web server. Any device that exposes an HTTP-based interface is potentially vulnerable to Path Traversal.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote OS Command Injection /docs/alerts/90020/ diff --git a/alerttags/index.html b/alerttags/index.html index 7e985fe6cd..e181e4a422 100644 --- a/alerttags/index.html +++ b/alerttags/index.html @@ -181,6 +181,18 @@

Alert Tags

+ + CVE-2025-55182 + https://nvd.nist.gov/vuln/detail/CVE-2025-55182 + + + + + CVE-2025-66478 + https://nvd.nist.gov/vuln/detail/CVE-2025-66478 + + + CWE-1004 https://cwe.mitre.org/data/definitions/1004.html diff --git a/alerttags/index.xml b/alerttags/index.xml index d461cffaa5..d5835dae59 100644 --- a/alerttags/index.xml +++ b/alerttags/index.xml @@ -56,6 +56,20 @@ /alerttags/cve-2022-42889/ + + CVE-2025-55182 + /alerttags/cve-2025-55182/ + Mon, 01 Jan 0001 00:00:00 +0000 + /alerttags/cve-2025-55182/ + + + + CVE-2025-66478 + /alerttags/cve-2025-66478/ + Mon, 01 Jan 0001 00:00:00 +0000 + /alerttags/cve-2025-66478/ + + CWE-1004 /alerttags/cwe-1004/ diff --git a/alerttags/owasp_2017_a01/index.html b/alerttags/owasp_2017_a01/index.html index 6126c20737..05eedc69d6 100644 --- a/alerttags/owasp_2017_a01/index.html +++ b/alerttags/owasp_2017_a01/index.html @@ -253,6 +253,12 @@

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/owasp_2017_a01/index.xml b/alerttags/owasp_2017_a01/index.xml index 717e855d9c..8b72d5048f 100644 --- a/alerttags/owasp_2017_a01/index.xml +++ b/alerttags/owasp_2017_a01/index.xml @@ -133,6 +133,13 @@ /docs/alerts/40008/ <p>Parameter manipulation caused an error page or Java stack trace to be displayed. This indicated lack of exception handling and potential areas for further exploit.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/owasp_2021_a03/index.html b/alerttags/owasp_2021_a03/index.html index 96bb136381..fb34c9e60d 100644 --- a/alerttags/owasp_2021_a03/index.html +++ b/alerttags/owasp_2021_a03/index.html @@ -283,6 +283,12 @@

https://owasp.org/Top1 + + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/owasp_2021_a03/index.xml b/alerttags/owasp_2021_a03/index.xml index 6ecccc15d6..7f4a3ff034 100644 --- a/alerttags/owasp_2021_a03/index.xml +++ b/alerttags/owasp_2021_a03/index.xml @@ -168,6 +168,13 @@ /docs/alerts/40031/ <p>Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user&rsquo;s browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology. When an attacker gets a user&rsquo;s browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/pci_dss/index.html b/alerttags/pci_dss/index.html index 0072ad572b..4929cfea2c 100644 --- a/alerttags/pci_dss/index.html +++ b/alerttags/pci_dss/index.html @@ -253,6 +253,12 @@

Remote Code Execution (React2Shell) + + + + Remote OS Command Injection diff --git a/alerttags/pci_dss/index.xml b/alerttags/pci_dss/index.xml index f06352dd56..6ccd538d34 100644 --- a/alerttags/pci_dss/index.xml +++ b/alerttags/pci_dss/index.xml @@ -133,6 +133,13 @@ /docs/alerts/6-5/ <p>The Path Traversal attack technique allows an attacker access to files, directories, and commands that potentially reside outside the web document root directory. An attacker may manipulate a URL in such a way that the web site will execute or reveal the contents of arbitrary files anywhere on the web server. Any device that exposes an HTTP-based interface is potentially vulnerable to Path Traversal.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote OS Command Injection /docs/alerts/90020/ diff --git a/alerttags/policy_dev_cicd/index.html b/alerttags/policy_dev_cicd/index.html index 45e1290053..5d213008fc 100644 --- a/alerttags/policy_dev_cicd/index.html +++ b/alerttags/policy_dev_cicd/index.html @@ -175,6 +175,12 @@

POLICY_DEV_CICD

+ + Remote Code Execution (React2Shell) + + + + Remote OS Command Injection diff --git a/alerttags/policy_dev_cicd/index.xml b/alerttags/policy_dev_cicd/index.xml index 72e671c290..1559fe222e 100644 --- a/alerttags/policy_dev_cicd/index.xml +++ b/alerttags/policy_dev_cicd/index.xml @@ -42,6 +42,13 @@ /docs/alerts/20019-4/ <p>URL redirectors represent common functionality employed by web sites to forward an incoming request to an alternate resource. This can be done for a variety of reasons and is often done to allow resources to be moved within the directory structure and to avoid breaking functionality for users that request the resource at its previous location. URL redirectors may also be used to implement load balancing, leveraging abbreviated URLs or recording outgoing links. It is this last implementation which is often used in phishing attacks as described in the example below. URL redirectors do not necessarily represent a direct security vulnerability but can be abused by attackers trying to social engineer victims into believing that they are navigating to a site other than the true destination.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote OS Command Injection /docs/alerts/90020/ diff --git a/alerttags/policy_dev_full/index.html b/alerttags/policy_dev_full/index.html index a9f540b1ea..623c180586 100644 --- a/alerttags/policy_dev_full/index.html +++ b/alerttags/policy_dev_full/index.html @@ -253,6 +253,12 @@

POLICY_DEV_FULL

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/policy_dev_full/index.xml b/alerttags/policy_dev_full/index.xml index bd0baf16b7..99b2bcb092 100644 --- a/alerttags/policy_dev_full/index.xml +++ b/alerttags/policy_dev_full/index.xml @@ -133,6 +133,13 @@ /docs/alerts/6-5/ <p>The Path Traversal attack technique allows an attacker access to files, directories, and commands that potentially reside outside the web document root directory. An attacker may manipulate a URL in such a way that the web site will execute or reveal the contents of arbitrary files anywhere on the web server. Any device that exposes an HTTP-based interface is potentially vulnerable to Path Traversal.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/policy_dev_std/index.html b/alerttags/policy_dev_std/index.html index 144819a6c6..c2391c70d8 100644 --- a/alerttags/policy_dev_std/index.html +++ b/alerttags/policy_dev_std/index.html @@ -397,6 +397,12 @@

POLICY_DEV_STD

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/policy_dev_std/index.xml b/alerttags/policy_dev_std/index.xml index 81e941f51f..4ba179dd13 100644 --- a/alerttags/policy_dev_std/index.xml +++ b/alerttags/policy_dev_std/index.xml @@ -301,6 +301,13 @@ /docs/alerts/3-3/ <p>A hyperlink pointing to another host name was found. As session ID URL rewrite is used, it may be disclosed in referer header to external hosts.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/policy_pentest/index.html b/alerttags/policy_pentest/index.html index 16c4699617..14ad8248c9 100644 --- a/alerttags/policy_pentest/index.html +++ b/alerttags/policy_pentest/index.html @@ -925,6 +925,12 @@

POLICY_PENTEST

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/policy_pentest/index.xml b/alerttags/policy_pentest/index.xml index 55ea40997a..941fbe0153 100644 --- a/alerttags/policy_pentest/index.xml +++ b/alerttags/policy_pentest/index.xml @@ -917,6 +917,13 @@ /docs/alerts/10048-2/ <p>The server is running a version of the Bash shell that allows remote attackers to execute arbitrary code.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/policy_qa_cicd/index.html b/alerttags/policy_qa_cicd/index.html index 6de46a3c48..ca4d123f00 100644 --- a/alerttags/policy_qa_cicd/index.html +++ b/alerttags/policy_qa_cicd/index.html @@ -223,6 +223,12 @@

POLICY_QA_CICD

+ + Remote Code Execution (React2Shell) + + + + Remote OS Command Injection diff --git a/alerttags/policy_qa_cicd/index.xml b/alerttags/policy_qa_cicd/index.xml index 2a4cfe512e..e43b1e1c85 100644 --- a/alerttags/policy_qa_cicd/index.xml +++ b/alerttags/policy_qa_cicd/index.xml @@ -98,6 +98,13 @@ /docs/alerts/10058/ <p>A request that was originally observed as a POST was also accepted as a GET. This issue does not represent a security weakness unto itself, however, it may facilitate simplification of other attacks. For example if the original POST is subject to Cross-Site Scripting (XSS), then this finding may indicate that a simplified (GET based) XSS may also be possible.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote OS Command Injection /docs/alerts/90020/ diff --git a/alerttags/policy_qa_full/index.html b/alerttags/policy_qa_full/index.html index 452e6cf4cb..914ca3e929 100644 --- a/alerttags/policy_qa_full/index.html +++ b/alerttags/policy_qa_full/index.html @@ -427,6 +427,12 @@

POLICY_QA_FULL

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/policy_qa_full/index.xml b/alerttags/policy_qa_full/index.xml index 53e1679f63..2ed8a76246 100644 --- a/alerttags/policy_qa_full/index.xml +++ b/alerttags/policy_qa_full/index.xml @@ -336,6 +336,13 @@ /docs/alerts/20018/ <p>Some PHP versions, when configured to run using CGI, do not correctly handle query strings that lack an unescaped &ldquo;=&rdquo; character, enabling arbitrary code execution. In this case, an operating system command was caused to be executed on the web server, and the results were returned to the web browser.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/alerttags/policy_qa_std/index.html b/alerttags/policy_qa_std/index.html index 91300beae5..28a51d83d7 100644 --- a/alerttags/policy_qa_std/index.html +++ b/alerttags/policy_qa_std/index.html @@ -613,6 +613,12 @@

POLICY_QA_STD

+ + Remote Code Execution (React2Shell) + + + + Remote File Inclusion diff --git a/alerttags/policy_qa_std/index.xml b/alerttags/policy_qa_std/index.xml index 7f54e9713a..f2f35bf069 100644 --- a/alerttags/policy_qa_std/index.xml +++ b/alerttags/policy_qa_std/index.xml @@ -553,6 +553,13 @@ /docs/alerts/3-3/ <p>A hyperlink pointing to another host name was found. As session ID URL rewrite is used, it may be disclosed in referer header to external hosts.</p> + + Remote Code Execution (React2Shell) + /docs/alerts/40048/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/40048/ + <p>The server is running Next.js and vulnerable versions of React Server Components with Next.js which allow remote attackers to execute arbitrary code.</p> + Remote File Inclusion /docs/alerts/7/ diff --git a/authors/5ubterranean/index.html b/authors/5ubterranean/index.html index 9ff2df1fb4..82f39b3491 100644 --- a/authors/5ubterranean/index.html +++ b/authors/5ubterranean/index.html @@ -224,6 +224,8 @@

Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/akshath/index.html b/authors/akshath/index.html index 6fc71d5082..4d8acd25a4 100644 --- a/authors/akshath/index.html +++ b/authors/akshath/index.html @@ -355,6 +355,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/alberto/index.html b/authors/alberto/index.html index 4d767e21bb..839978c3b2 100644 --- a/authors/alberto/index.html +++ b/authors/alberto/index.html @@ -225,6 +225,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/amit/index.html b/authors/amit/index.html index cb2fe8ba0a..8f4bf9096b 100644 --- a/authors/amit/index.html +++ b/authors/amit/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/arkaprabha/index.html b/authors/arkaprabha/index.html index 7095ad587b..24224b75a5 100644 --- a/authors/arkaprabha/index.html +++ b/authors/arkaprabha/index.html @@ -234,6 +234,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/aryangupta701/index.html b/authors/aryangupta701/index.html index ed2c9393c1..18f0715351 100644 --- a/authors/aryangupta701/index.html +++ b/authors/aryangupta701/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/bashbunny/index.html b/authors/bashbunny/index.html index 33464730cc..211a8f297a 100644 --- a/authors/bashbunny/index.html +++ b/authors/bashbunny/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/bemodtwz/index.html b/authors/bemodtwz/index.html index b886f3c0fd..82d4afe3fe 100644 --- a/authors/bemodtwz/index.html +++ b/authors/bemodtwz/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/blazingwind/index.html b/authors/blazingwind/index.html index f313be972f..190234f14e 100644 --- a/authors/blazingwind/index.html +++ b/authors/blazingwind/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/chibbyalucard/index.html b/authors/chibbyalucard/index.html index 7c381ba31f..5d758b8037 100644 --- a/authors/chibbyalucard/index.html +++ b/authors/chibbyalucard/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/diogo/index.html b/authors/diogo/index.html index efe3d7315e..6457505ffe 100644 --- a/authors/diogo/index.html +++ b/authors/diogo/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/eingengraou/index.html b/authors/eingengraou/index.html index 59ddefd295..1d2d6769e4 100644 --- a/authors/eingengraou/index.html +++ b/authors/eingengraou/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/hahwul/index.html b/authors/hahwul/index.html index 7bcf755736..5b7989dfed 100644 --- a/authors/hahwul/index.html +++ b/authors/hahwul/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/index.html b/authors/index.html index 89f145a1a8..2828447fb5 100644 --- a/authors/index.html +++ b/authors/index.html @@ -125,7 +125,7 @@

    Simon

    - Last Posted Wednesday December 3, 2025 + Last Posted Friday December 5, 2025
    @@ -494,6 +494,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/index.xml b/authors/index.xml index eb6399a8c1..069b9e7562 100644 --- a/authors/index.xml +++ b/authors/index.xml @@ -6,12 +6,12 @@ Recent content in Authors on ZAP Hugo en-us - Wed, 03 Dec 2025 00:00:00 +0000 + Fri, 05 Dec 2025 00:00:00 +0000 Simon /authors/simon/ - Wed, 03 Dec 2025 00:00:00 +0000 + Fri, 05 Dec 2025 00:00:00 +0000 /authors/simon/ diff --git a/authors/jan/index.html b/authors/jan/index.html index 5eed6bf81a..26f1bcdc65 100644 --- a/authors/jan/index.html +++ b/authors/jan/index.html @@ -244,6 +244,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/jordan/index.html b/authors/jordan/index.html index 840f9602ed..1f0261db35 100644 --- a/authors/jordan/index.html +++ b/authors/jordan/index.html @@ -243,6 +243,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/keindel/index.html b/authors/keindel/index.html index 1a4a116bf1..39ea804ef6 100644 --- a/authors/keindel/index.html +++ b/authors/keindel/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/mwalkowski/index.html b/authors/mwalkowski/index.html index 35eacc596c..fb387e9cd8 100644 --- a/authors/mwalkowski/index.html +++ b/authors/mwalkowski/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/nirojan/index.html b/authors/nirojan/index.html index 235f2a95f2..5abd282bba 100644 --- a/authors/nirojan/index.html +++ b/authors/nirojan/index.html @@ -243,6 +243,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/pranavsaxena/index.html b/authors/pranavsaxena/index.html index 55cfa91f7c..d6fc8e86ff 100644 --- a/authors/pranavsaxena/index.html +++ b/authors/pranavsaxena/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/preetkaran20/index.html b/authors/preetkaran20/index.html index 7963d9d738..738cd20f35 100644 --- a/authors/preetkaran20/index.html +++ b/authors/preetkaran20/index.html @@ -235,6 +235,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/simon/index.html b/authors/simon/index.html index 8cf5675369..cab6d99b7d 100644 --- a/authors/simon/index.html +++ b/authors/simon/index.html @@ -120,6 +120,16 @@

    Author: Simon

    +
    +

    + React2Shell Detection with ZAP +

    +
    + Last Posted Friday December 5, 2025 +
    +
    React2Shell is the latest big “named” vulnerability - heres how you can detect it with ZAP.
    +
    +

    ZAP Updates - November 2025 @@ -1437,6 +1447,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/simon/index.xml b/authors/simon/index.xml index 325615e9c2..c1e26874d8 100644 --- a/authors/simon/index.xml +++ b/authors/simon/index.xml @@ -6,8 +6,15 @@ Recent content in Simon on ZAP Hugo en-us - Wed, 03 Dec 2025 00:00:00 +0000 + Fri, 05 Dec 2025 00:00:00 +0000 + + React2Shell Detection with ZAP + /blog/2025-12-05-react2shell-detection-with-zap/ + Fri, 05 Dec 2025 00:00:00 +0000 + /blog/2025-12-05-react2shell-detection-with-zap/ + React2Shell is the latest big &ldquo;named&rdquo; vulnerability - heres how you can detect it with ZAP. + ZAP Updates - November 2025 /blog/2025-12-03-zap-updates-november-2025/ diff --git a/authors/skyper/index.html b/authors/skyper/index.html index 6416faadc4..f46a1ef410 100644 --- a/authors/skyper/index.html +++ b/authors/skyper/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/telmon/index.html b/authors/telmon/index.html index 7ae4edfd54..ea9418bebf 100644 --- a/authors/telmon/index.html +++ b/authors/telmon/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/thorin/index.html b/authors/thorin/index.html index 8cb3f0cb75..120e4d1ece 100644 --- a/authors/thorin/index.html +++ b/authors/thorin/index.html @@ -296,6 +296,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/trevor/index.html b/authors/trevor/index.html index 79eb47c7ad..84eeb10b6a 100644 --- a/authors/trevor/index.html +++ b/authors/trevor/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/vitikasoni/index.html b/authors/vitikasoni/index.html index 7551accbb0..4ef3db0dc1 100644 --- a/authors/vitikasoni/index.html +++ b/authors/vitikasoni/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/yiannis/index.html b/authors/yiannis/index.html index d8a16ef26c..2696cc4508 100644 --- a/authors/yiannis/index.html +++ b/authors/yiannis/index.html @@ -244,6 +244,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/authors/zoltan/index.html b/authors/zoltan/index.html index 135193a458..5112a73248 100644 --- a/authors/zoltan/index.html +++ b/authors/zoltan/index.html @@ -224,6 +224,8 @@

    Tags

  • questionnaire
    • +
  • react2shell
    • +
  • recon
  • release
    • diff --git a/blog/2025-12-03-zap-updates-november-2025/index.html b/blog/2025-12-03-zap-updates-november-2025/index.html index d209e6528c..ab1028aaca 100644 --- a/blog/2025-12-03-zap-updates-november-2025/index.html +++ b/blog/2025-12-03-zap-updates-november-2025/index.html @@ -556,6 +556,8 @@
    Windows WebDrivers
    Previous + Next +