ZAP Scan Baseline Report

[github-actions]

• Site: http://testphp.vulnweb.com
  New Alerts
  • Absence of Anti-CSRF Tokens [10202] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • http://testphp.vulnweb.com/disclaimer.php
    • ..
  • Content Security Policy (CSP) Header Not Set [10038] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • ..
  • Missing Anti-clickjacking Header [10020] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • ..
  • Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • ..
  • X-Content-Type-Options Header Missing [10021] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • ..
  • Charset Mismatch (Header Versus Meta Content-Type Charset) [90011] total: 11:
    • http://testphp.vulnweb.com/
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/cart.php
    • http://testphp.vulnweb.com/categories.php
    • ..
  • Information Disclosure - Suspicious Comments [10027] total: 1:
    • http://testphp.vulnweb.com/AJAX/index.php

View the following link to download the report.
RunnerID:3035485521