ZAP Scan Baseline Report
github-actions opened this issue · 3 comments
github-actions commented
- Site: http://localhost:8090
New Alerts- Content Security Policy (CSP) Header Not Set [10038] total: 1:
- Vulnerable JS Library [10003] total: 2:
- Dangerous JS Functions [10110] total: 4:
- http://localhost:8090/dist/app.js?v=4jBfAZIsa86FCmwjf06EfzPjGNy2uHbIO5PPDpK1yV0
- http://localhost:8090/dist/vendor.js?v=yfUOaxxk9-ATFjmDt1fFE_uCc3lkd00zOKnfYHMRu3k
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/app.js?v=G9gt-KeOnZtZ8Ty5A5n4v1gov4_gG1kkdOxyPr2SOhQ
- http://localhost:8090/modules/$(VirtoCommerce.Notifications)/dist/app.js?v=GjNZYHlMJXPLOKAs5f-ynbD5wBz7reG7BsDwJP5UYMo
- Permissions Policy Header Not Set [10063] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/modules/$(VirtoCommerce.Assets)/dist/app.js?v=DJjcTONCVxUVirP6reXh_RmnQ9T1vxlKe1v4OKwDUQQ
- http://localhost:8090/modules/$(VirtoCommerce.BulkActionsModule)/dist/app.js?v=XtkhAtreaCsJOWlgjD4Pd7WXwMOr6Cb5-SrVhYXchyg
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/app.js?v=G9gt-KeOnZtZ8Ty5A5n4v1gov4_gG1kkdOxyPr2SOhQ
- ..
- Timestamp Disclosure - Unix [10096] total: 1:
- X-Content-Type-Options Header Missing [10021] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/favicon.ico
- http://localhost:8090/modules/$(VirtoCommerce.Catalog)/dist/style.css?v=EMDpGYtjrmIOnjRTofF4XNnlwl_fhxNtbQgD-ZZgg4A
- http://localhost:8090/modules/$(VirtoCommerce.Content)/dist/style.css?v=hi6GOxxdbfalx1EwI4zUAXCQlDVoig3i0xcfJ74ZqKQ
- ..
- Base64 Disclosure [10094] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/modules/$(VirtoCommerce.Catalog)/dist/style.css?v=EMDpGYtjrmIOnjRTofF4XNnlwl_fhxNtbQgD-ZZgg4A
- http://localhost:8090/modules/$(VirtoCommerce.Content)/dist/style.css?v=hi6GOxxdbfalx1EwI4zUAXCQlDVoig3i0xcfJ74ZqKQ
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/style.css?v=tr9c88O5met9q0Lcf4Eaxed3GIfCzqqPCQk2v8QU2iY
- ..
- Information Disclosure - Suspicious Comments [10027] total: 14:
- Modern Web Application [10109] total: 2:
- Storable and Cacheable Content [10049] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/modules/$(VirtoCommerce.Catalog)/dist/style.css?v=EMDpGYtjrmIOnjRTofF4XNnlwl_fhxNtbQgD-ZZgg4A
- http://localhost:8090/modules/$(VirtoCommerce.Content)/dist/style.css?v=hi6GOxxdbfalx1EwI4zUAXCQlDVoig3i0xcfJ74ZqKQ
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/style.css?v=tr9c88O5met9q0Lcf4Eaxed3GIfCzqqPCQk2v8QU2iY
- ..
View the following link to download the report.
RunnerID:3882036556
mvktsk commented
Task https://virtocommerce.atlassian.net/browse/VP-8275 has been created
github-actions commented
- Site: http://localhost:8090
New Alerts- Absence of Anti-CSRF Tokens [10202] total: 4:
- http://localhost:8090/dist/vendor.js?v=qu218QMvD0Ltn0mgDoEdPG0D5NLwxqKnJKchnoWIIHQ
- http://localhost:8090/dist/vendor.js?v=qu218QMvD0Ltn0mgDoEdPG0D5NLwxqKnJKchnoWIIHQ
- http://localhost:8090/dist/vendor.js?v=qu218QMvD0Ltn0mgDoEdPG0D5NLwxqKnJKchnoWIIHQ
- http://localhost:8090/dist/vendor.js?v=qu218QMvD0Ltn0mgDoEdPG0D5NLwxqKnJKchnoWIIHQ
- Absence of Anti-CSRF Tokens [10202] total: 4:
View the following link to download the report.
RunnerID:4383720597
github-actions commented
- Site: http://localhost:8090
New Alerts- Sub Resource Integrity Attribute Missing [90003] total: 2:
- Cross-Domain JavaScript Source File Inclusion [10017] total: 2:
View the following link to download the report.
RunnerID:4384340596