Open
Description
- Site: https://www.zaproxy.org
New Alerts- X-Content-Type-Options Header Missing [10021] total: 12:
- https://www.zaproxy.org/blog/2021-03-12-report-competition/images/charts_hu5a68a49de018c52213fc356f51866a65_21070_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/blog/2021-02-10-automate-checking-asvs-controls-using-zap-scripts/images/asvs_40_levels_huf2810edff9a993bcea255b287ef36fd6_260256_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/blog/2021-03-04-zapcon-is-nearly-here/images/zapcon_hud1659008d282d9f8da12206abddcdc3f_86227_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/blog/2021-02-03-run-zap-without-java-using-docker-and-webswing/images/zap-webswing-proxy_hucd878ef9f3837e464d7634c9a4170359_743260_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/blog/index.xml
- ..
- Base64 Disclosure [10094] total: 12:
- Content Security Policy (CSP) Header Not Set [10038] total: 11:
- Private IP Disclosure [2] total: 8:
- Application Error Disclosure [90022] total: 6:
- https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/
- https://www.zaproxy.org/docs/desktop/start/features/custompages/
- https://www.zaproxy.org/docs/desktop/ui/dialogs/session/contexts/
- https://www.zaproxy.org/docs/desktop/addons/websockets/pscanrules/
- https://www.zaproxy.org/docs/desktop/releases/2.7.0/
- ..
- Source Code Disclosure - SQL [10099] total: 10:
- Information Disclosure - Debug Error Messages [10023] total: 5:
- https://www.zaproxy.org/docs/desktop/start/features/custompages/
- https://www.zaproxy.org/docs/desktop/ui/dialogs/session/contexts/
- https://www.zaproxy.org/docs/desktop/addons/websockets/pscanrules/
- https://www.zaproxy.org/docs/alerts/40008/
- https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/
- Absence of Anti-CSRF Tokens [10202] total: 11:
- Strict-Transport-Security Header Not Set [10035] total: 12:
- https://www.zaproxy.org/blog/2021-03-04-zapcon-is-nearly-here/images/zapcon_hud1659008d282d9f8da12206abddcdc3f_86227_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/main.805f6.css
- https://www.zaproxy.org/blog/2021-03-12-report-competition/images/charts_hu5a68a49de018c52213fc356f51866a65_21070_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/img/search.svg
- https://www.zaproxy.org/main.805f6.js
- ..
- Storable and Cacheable Content [10049] total: 11:
- Cross-Domain JavaScript Source File Inclusion [10017] total: 10:
- Information Disclosure - Suspicious Comments [10027] total: 3:
- Cookie Without Secure Flag [10011] total: 5:
- Cross-Domain Misconfiguration [10098] total: 12:
- https://www.zaproxy.org/index.xml
- https://www.zaproxy.org/sitemap.xml
- https://www.zaproxy.org/blog/2021-01-28-announcing-the-first-ever-zapcon/images/zapcon-social_huef03cec6befbbafbff1699740873af13_22792_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/blog/2021-02-10-automate-checking-asvs-controls-using-zap-scripts/images/asvs_40_levels_huf2810edff9a993bcea255b287ef36fd6_260256_300x300_fill_box_smart1_2.png
- https://www.zaproxy.org/img/favicon.ico
- ..
- Sub Resource Integrity Attribute Missing [90003] total: 12:
- Incomplete or No Cache-control and Pragma HTTP Header Set [10015] total: 11:
- Modern Web Application [10109] total: 11:
- Content-Type Header Missing [10019] total: 2:
- Feature Policy Header Not Set [10063] total: 11:
- Loosely Scoped Cookie [90033] total: 5:
- Timestamp Disclosure - Unix [10096] total: 5:
- Retrieved from Cache [10050] total: 12:
- Dangerous JS Functions [10110] total: 1:
- PII Disclosure [10062] total: 2:
- Source Code Disclosure - PHP [10099] total: 1:
- X-Content-Type-Options Header Missing [10021] total: 12:
View the following link to download the report.
RunnerID:649052563
Metadata
Metadata
Assignees
Labels
No labels