OWASP Baseline

[github-actions]

• Site: http://localhost:3004
  New Alerts
  • Absence of Anti-CSRF Tokens [10202] total: 2:
    • http://localhost:3004/
    • http://localhost:3004/
  • Content Security Policy (CSP) Header Not Set [10038] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Cookie No HttpOnly Flag [10010] total: 11:
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
    • http://localhost:3004/_next/static/chunks/webpack-69099345fb0f689a.js
    • http://localhost:3004/_next/static/css/e90bd523cb72f146.css
    • ..
  • Cookie without SameSite Attribute [10054] total: 10:
    • http://localhost:3004/
    • http://localhost:3004/
    • http://localhost:3004/icons/bcid-apple-icon.svg
    • http://localhost:3004/icons/bcid-apple-touch-icon.png
    • http://localhost:3004/icons/bcid-favicon-16x16.png
    • ..
  • Dangerous JS Functions [10110] total: 1:
    • http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
  • Permissions Policy Header Not Set [10063] total: 11:
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/8360-2891d9bad8e6c5dd.js
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/main-a3de02a07ab781e7.js
    • http://localhost:3004/_next/static/chunks/pages/404-6afac836af067973.js
    • ..
  • Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Timestamp Disclosure - Unix [10096] total: 3:
    • http://localhost:3004/_next/static/chunks/8360-2891d9bad8e6c5dd.js
    • http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
    • http://localhost:3004/_next/static/chunks/pages/index-d6b807e46a8235e4.js
  • Base64 Disclosure [10094] total: 7:
    • http://localhost:3004/
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
    • ..
  • Information Disclosure - Suspicious Comments [10027] total: 11:
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/8360-2891d9bad8e6c5dd.js
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
    • http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
    • ..
  • Loosely Scoped Cookie [90033] total: 12:
    • http://localhost:3004/
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
    • http://localhost:3004/_next/static/chunks/webpack-69099345fb0f689a.js
    • ..
  • Modern Web Application [10109] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Non-Storable Content [10049] total: 1:
    • http://localhost:3004/
  • Sec-Fetch-Dest Header is Missing [90005] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Sec-Fetch-Mode Header is Missing [90005] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Sec-Fetch-Site Header is Missing [90005] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Sec-Fetch-User Header is Missing [90005] total: 3:
    • http://localhost:3004/
    • http://localhost:3004/robots.txt
    • http://localhost:3004/sitemap.xml
  • Session Management Response Identified [10112] total: 12:
    • http://localhost:3004/
    • http://localhost:3004/
    • http://localhost:3004/icons/bcid-apple-icon.svg
    • http://localhost:3004/icons/bcid-apple-touch-icon.png
    • http://localhost:3004/icons/bcid-favicon-16x16.png
    • ..
  • Storable and Cacheable Content [10049] total: 6:
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
    • http://localhost:3004/_next/static/chunks/webpack-69099345fb0f689a.js
    • http://localhost:3004/_next/static/css/e90bd523cb72f146.css
    • http://localhost:3004/robots.txt
    • ..
  • Storable but Non-Cacheable Content [10049] total: 4:
    • http://localhost:3004/icons/bcid-apple-icon.svg
    • http://localhost:3004/icons/bcid-apple-touch-icon.png
    • http://localhost:3004/icons/bcid-favicon-16x16.png
    • http://localhost:3004/icons/bcid-favicon-32x32.png

View the following link to download the report.
RunnerID:6123378897

[github-actions]

• Site: http://localhost:3004
  Resolved Alerts
  • Cookie No HttpOnly Flag [10010] total: 11:

View the following link to download the report.
RunnerID:6123861755

[github-actions]

• Site: http://localhost:3004
  New Alerts
  • Cookie No HttpOnly Flag [10010] total: 11:
    • http://localhost:3004/
    • http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
    • http://localhost:3004/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
    • http://localhost:3004/_next/static/chunks/webpack-69099345fb0f689a.js
    • http://localhost:3004/_next/static/css/e90bd523cb72f146.css
    • ..

View the following link to download the report.
RunnerID:6125941718