ZAP Full Scan Report

[github-actions]

• Site: https://localhost
  New Alerts

  • HTTP Only Site [10106] total: 1:
    • http://localhost:4566

• Site: http://localhost:4566
  New Alerts

  • Content Security Policy (CSP) Header Not Set [10038] total: 4:
    • http://localhost:4566/sitemap.xml
    • http://localhost:4566/
    • http://localhost:4566/robots.txt
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
  • User Agent Fuzzer [10104] total: 7:
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
    • ..
  • Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 4:
    • http://localhost:4566/sitemap.xml
    • http://localhost:4566/
    • http://localhost:4566/robots.txt
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
  • Cloud Metadata Potentially Exposed [90034] total: 1:
    • http://localhost:4566/latest/meta-data/
  • Cross-Domain Misconfiguration [10098] total: 4:
    • http://localhost:4566/sitemap.xml
    • http://localhost:4566/robots.txt
    • http://localhost:4566/
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
  • X-Content-Type-Options Header Missing [10021] total: 1:
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping
  • X-Frame-Options Header Not Set [10020] total: 1:
    • http://localhost:4566/restapis/eeht3jheq0/local/user_request/ping

View the following link to download the report.
RunnerID:803637089