| STIG ID | Version | Title | Product |
|---|---|---|---|
| SRG-APP-000251-API-000525 | V1R1 | The API must specify allowed origins when using Cross-Origin Resource Sharing (CORS). | Security Requirements Guide - API |
| SRG-APP-000251-DNS-000037 | V4R2 | The DNS server implementation must check the validity of all data inputs except those specifically identified by the organization. | Security Requirements Guide - Domain Name Service |
| SRG-APP-000251-MFP-000328 | V3R4 | The Mainframe Product must check the validity of all data inputs except those specifically identified by the organization. | Security Requirements Guide - Mainframe Product |
| SRG-APP-000251-WSR-000157 | V4R4 | The web server must limit the character set used for data entry. | Security Requirements Guide - Web Server |
| SRG-APP-000251-WSR-000194 | V4R4 | The web server must interpret and normalize ambiguous HTTP requests or terminate the TCP connection. | Security Requirements Guide - Web Server |
| SRG-APP-000251-WSR-000195 | V4R4 | The web server must terminate the connection if server-level exceptions are triggered when handling requests to prevent HTTP request smuggling attacks. | Security Requirements Guide - Web Server |