VirtoCommerce/vc-platform

ZAP Scan Baseline Report

github-actions opened this issue 2 years ago · 3 comments

github-actions commented 2 years ago

Site: http://localhost:8090
New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 2:
  - http://localhost:8090
  - http://localhost:8090/
- Vulnerable JS Library [10003] total: 2:
  - http://localhost:8090/dist/vendor.js?v=yfUOaxxk9-ATFjmDt1fFE_uCc3lkd00zOKnfYHMRu3k
  - http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/app.js?v=hJEQQDOcI91I41dZYtv9B6aVPFBSU2AQ7s7QcOm5oQs
- Dangerous JS Functions [10110] total: 4:
- Permissions Policy Header Not Set [10063] total: 11:
- Timestamp Disclosure - Unix [10096] total: 12:
- X-Content-Type-Options Header Missing [10021] total: 11:
- Base64 Disclosure [10094] total: 11:
- Information Disclosure - Suspicious Comments [10027] total: 11:
- Modern Web Application [10109] total: 5:
- Storable and Cacheable Content [10049] total: 11:

View the following link to download the report.
RunnerID:2716941964

mvktsk commented 2 years ago

Task https://virtocommerce.atlassian.net/browse/VP-8130 has been created

github-actions commented 2 years ago

Site: http://localhost:8090
Resolved Alerts
- Dangerous JS Functions [10110] total: 4:
- Permissions Policy Header Not Set [10063] total: 11:
- Base64 Disclosure [10094] total: 11:
- Modern Web Application [10109] total: 5:
- Storable and Cacheable Content [10049] total: 11:

View the following link to download the report.
RunnerID:3043565672

github-actions commented 2 years ago

Site: http://localhost:8090
New Alerts
- Dangerous JS Functions [10110] total: 4:
- Permissions Policy Header Not Set [10063] total: 11:
- Base64 Disclosure [10094] total: 11:
- Modern Web Application [10109] total: 5:
- Storable and Cacheable Content [10049] total: 11:

View the following link to download the report.
RunnerID:3179792796