OWASP Baseline · Issue #1960 · bcgov/cas-cif · GitHub

8000 OWASP Baseline · Issue #1960 · bcgov/cas-cif · GitHub

More Web Proxy on the site http://driver.im/

OWASP Baseline #1960

Open

Open

OWASP Baseline#1960

Site: http://localhost:3004
New Alerts
- Absence of Anti-CSRF Tokens [10202] total: 2:
  - http://localhost:3004/
  - http://localhost:3004/
- CSP: Wildcard Directive [10055] total: 3:
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - http://localhost:3004/
- Application Error Disclosure [90022] total: 1:
  - http://localhost:3004/
- Cookie No HttpOnly Flag [10010] total: 1:
  - http://localhost:3004/
- Cookie without SameSite Attribute [10054] total: 2:
  - http://localhost:3004/
  - http://localhost:3004/
- Information Disclosure - Debug Error Messages [10023] total: 3:
- Insufficient Site Isolation Against Spectre Vulnerability [90004] total: 3:
- Permissions Policy Header Not Set [10063] total: 3:
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 1:
  - http://localhost:3004/
- Base64 Disclosure [10094] total: 1:
  - http://localhost:3004/
- Modern Web Application [10109] total: 1:
  - http://localhost:3004/
- Non-Storable Content [10049] total: 4:
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
- Sec-Fetch-Site Header is Missing [90005] total: 3:
- Sec-Fetch-User Header is Missing [90005] total: 3:

View the following link to download the report.
RunnerID:13823872849

ZAP is supported by the Crash Override Open Source Fellowship

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

0