simpsora/PHP-Chess

ZAP Scan Baseline Report

Opened this issue 3 years ago · 1 comments

github-actions commented 3 years ago

Site: http://172.17.0.2
New Alerts
- Application Error Disclosure [90022] total: 6:
- Content Security Policy (CSP) Header Not Set [10038] total: 11:
- X-Frame-Options Header Not Set [10020] total: 11:
- Big Redirect Detected (Potential Sensitive Information Leak) [10044] total: 1:
  - http://172.17.0.2/index.php?reset=1
- Cookie No HttpOnly Flag [10010] total: 1:
  - http://172.17.0.2
- Cookie without SameSite Attribute [10054] total: 1:
  - http://172.17.0.2
- Private IP Disclosure [2] total: 1:
  - http://172.17.0.2/classes/Horse.php
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 11:
- Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 11:
- Timestamp Disclosure - Unix [10096] total: 1:
  - http://172.17.0.2/style/style.css
- X-Content-Type-Options Header Missing [10021] total: 11:
- Modern Web Application [10109] total: 11:

View the following link to download the report.
RunnerID:1374839637

github-actions commented 3 years ago

Site: http://172.17.0.2
Resolved Alerts
- Private IP Disclosure [2] total: 1:

View the following link to download the report.
RunnerID:1374851446