ZAP Scan Baseline Report

[github-actions]

• Site: https://pwning.owasp-juice.shop
  New Alerts

  • Content Security Policy (CSP) Header Not Set [10038] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Missing Anti-clickjacking Header [10020] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Dangerous JS Functions [10110] total: 2:
    • https://pwning.owasp-juice.shop/gitbook/gitbook.js
    • https://pwning.owasp-juice.shop/gitbook/theme.js
  • Permissions Policy Header Not Set [10063] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Strict-Transport-Security Header Not Set [10035] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • X-Content-Type-Options Header Missing [10021] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Re-examine Cache-control Directives [10015] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..
  • Storable and Cacheable Content [10049] total: 11:
    • https://pwning.owasp-juice.shop
    • https://pwning.owasp-juice.shop/
    • https://pwning.owasp-juice.shop/introduction/architecture.html
    • https://pwning.owasp-juice.shop/introduction/motivation.html
    • https://pwning.owasp-juice.shop/part1/
    • ..

  Ignored Alerts

  • Application Error Disclosure [90022] total: 2:
  • Source Code Disclosure - SQL [10099] total: 2:
  • Information Disclosure - Debug Error Messages [10023] total: 2:
  • Private IP Disclosure [2] total: 2:
  • Base64 Disclosure [10094] total: 11:
  • Information Disclosure - Suspicious Comments [10027] total: 11:
  • Modern Web Application [10109] total: 1:

View the following link to download the report.
RunnerID:3863494722