Upper-Intermediate Testing & QA #security-testing #owasp #sast #dast #penetration-testing

Security Testing Language

5 exercises — practise writing OWASP findings, classifying CVSS severity, distinguishing SAST/DAST/IAST, structuring pentest reports, and defining engagement scope.

0 / 5 completed
1 / 5

A security tester discovers that the login endpoint accepts a SQL injection payload that returns a valid session without valid credentials. Which finding description is the most appropriate for a security test report?