Severity levels

In the case of issues, the severity icon indicates the severity level of the issue; in the case of Issue Types and URLs, it indicates the most severe of all issues under that node.

Icon

Indicates

Description

Examples


red severity icon

High severity

Direct danger to your application, web server, or information

Executing commands on server, stealing customer information, denial of service


orange severity icon

Medium severity

Threat through unauthorized access to private areas, though the database and operating system are not at risk

Script source disclosure, forceful browsing


yellow severity icon

Low severity

Allow for unauthorized reconnaissance

Server path disclosure, internal IP address disclosure


white severity icon

Informational

Issues you should know about, not necessarily security issues

Insecure methods enabled