ZAP API Scan Report

Question

ZAP API Scan Report

Opened this issue a year ago · 0 comments

github-actions commented a year ago

Site: https://security.c4po.dev
New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://security.c4po.dev
- Cross-Domain Misconfiguration [10098] total: 1:
  - https://security.c4po.dev
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://security.c4po.dev
- Permissions Policy Header Not Set [10063] total: 1:
  - https://security.c4po.dev
- Strict-Transport-Security Header Not Set [10035] total: 1:
  - https://security.c4po.dev
- Unexpected Content-Type was returned [100001] total: 56:
- X-Content-Type-Options Header Missing [10021] total: 1:
  - https://security.c4po.dev
- A Client Error response code was returned by the server [100000] total: 54:
- Base64 Disclosure [10094] total: 1:
  - https://security.c4po.dev
- Information Disclosure - Suspicious Comments [10027] total: 1:
  - https://security.c4po.dev
- Modern Web Application [10109] total: 1:
  - https://security.c4po.dev
- Re-examine Cache-control Directives [10015] total: 1:
  - https://security.c4po.dev
- Retrieved from Cache [10050] total: 1:
  - https://security.c4po.dev
- Sec-Fetch-Dest Header is Missing [90005] total: 1:
  - https://security.c4po.dev
- Sec-Fetch-Mode Header is Missing [90005] total: 1:
  - https://security.c4po.dev
- Sec-Fetch-Site Header is Missing [90005] total: 1:
  - https://security.c4po.dev
- Sec-Fetch-User Header is Missing [90005] total: 1:
  - https://security.c4po.dev
- Storable and Cacheable Content [10049] total: 1:
  - https://security.c4po.dev

View the following link to download the report.
RunnerID:6246225327