ZAP Scan Baseline Report
github-actions opened this issue · 3 comments
github-actions commented
- Site: http://localhost:8090
New Alerts- Absence of Anti-CSRF Tokens [10202] total: 4:
- http://localhost:8090/dist/vendor.js?v=V-x68OFoHpxSGEX1YxRFN3MoEWOewY9CxoEMQpZr4kE
- http://localhost:8090/dist/vendor.js?v=V-x68OFoHpxSGEX1YxRFN3MoEWOewY9CxoEMQpZr4kE
- http://localhost:8090/dist/vendor.js?v=V-x68OFoHpxSGEX1YxRFN3MoEWOewY9CxoEMQpZr4kE
- http://localhost:8090/dist/vendor.js?v=V-x68OFoHpxSGEX1YxRFN3MoEWOewY9CxoEMQpZr4kE
- CSP: Wildcard Directive [10055] total: 2:
- CSP: script-src unsafe-inline [10055] total: 2:
- CSP: style-src unsafe-inline [10055] total: 2:
- Sub Resource Integrity Attribute Missing [90003] total: 2:
- Vulnerable JS Library [10003] total: 1:
- Cross-Domain JavaScript Source File Inclusion [10017] total: 2:
- Dangerous JS Functions [10110] total: 3:
- Permissions Policy Header Not Set [10063] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/modules/$(VirtoCommerce.Assets)/dist/app.js?v=ofhnrHdem1Z7XLNx-hWL3xUCPnnMgVy4B6WqnwVT7IE
- http://localhost:8090/modules/$(VirtoCommerce.BulkActionsModule)/dist/app.js?v=bx2WCaYbo0S7frA5b2VtDkxui4XLMmhsAYoa_v7Q3OA
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/app.js?v=Wc4gtjHxlmslOXRbJBwSk8_bnCgAxfeLRNxPFBtfgtk
- ..
- Timestamp Disclosure - Unix [10096] total: 1:
- Base64 Disclosure [10094] total: 5:
- Information Disclosure - Suspicious Comments [10027] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/dist/app.js?v=QF6xfChRmaqOPQQ-xq2lmr8Z6np7Zhe0byu81CKU3BQ
- http://localhost:8090/dist/vendor.js?v=V-x68OFoHpxSGEX1YxRFN3MoEWOewY9CxoEMQpZr4kE
- http://localhost:8090/modules/$(VirtoCommerce.Assets)/dist/app.js?v=ofhnrHdem1Z7XLNx-hWL3xUCPnnMgVy4B6WqnwVT7IE
- ..
- Modern Web Application [10109] total: 2:
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
- Sec-Fetch-Site Header is Missing [90005] total: 2:
- Sec-Fetch-User Header is Missing [90005] total: 2:
- Storable and Cacheable Content [10049] total: 11:
- http://localhost:8090
- http://localhost:8090/
- http://localhost:8090/favicon.ico
- http://localhost:8090/modules/$(VirtoCommerce.Catalog)/dist/style.css?v=Z_wcrI_74CPpGEznTeEexg7SU5lYBVj53SZZ2ZjvZ40
- http://localhost:8090/modules/$(VirtoCommerce.Core)/dist/style.css?v=JxV59GTG-OlnR0vCng7qmL0bUL_hI5YdQOSjYMpqEsw
- ..
- Absence of Anti-CSRF Tokens [10202] total: 4:
View the following link to download the report.
RunnerID:6009076720
mvktsk commented
Task https://virtocommerce.atlassian.net/browse/VP-8433 has been created
github-actions commented
- Site: http://localhost:8090
Resolved Alerts- Vulnerable JS Library [10003] total: 1:
View the following link to download the report.
RunnerID:6271649554
github-actions commented
- Site: http://localhost:8090
Resolved Alerts- Absence of Anti-CSRF Tokens [10202] total: 4:
View the following link to download the report.
RunnerID:6507370212