ZAP Full Scan Report

[github-actions[bot]]

• Site: http://localhost:8080 New Alerts

  • Bypassing 403 [40038] total: 5:
    • http://localhost:8080/css%20/
    • http://localhost:8080/css/bootstrap%20/
    • http://localhost:8080/css/prettify%20/
    • http://localhost:8080/img%20/
    • http://localhost:8080/js%20/
  • Vulnerable JS Library [10003] total: 1:
    • http://localhost:8080/js/bootstrap-3.4.1.js
  • Dangerous JS Functions [10110] total: 3:
    • http://localhost:8080/js/jquery-3.7.0.js
    • http://localhost:8080/js/legacy.js?1.5.2
    • http://localhost:8080/js/prettify.js?1.5.2
  • Permissions Policy Header Not Set [10063] total: 11:
    • http://localhost:8080/js/base-x-4.0.0.js
    • http://localhost:8080/js/bootstrap-3.4.1.js
    • http://localhost:8080/js/jquery-3.7.0.js
    • http://localhost:8080/js/kjua-0.9.0.js
    • http://localhost:8080/js/legacy.js?1.5.2
    • ..
  • Non-Storable Content [10049] total: 3:
    • http://localhost:8080
    • http://localhost:8080/
    • http://localhost:8080/sitemap.xml
  • Storable and Cacheable Content [10049] total: 8:
    • http://localhost:8080/css/bootstrap/bootstrap-3.4.1.css
    • http://localhost:8080/css/bootstrap/bootstrap-theme-3.4.1.css
    • http://localhost:8080/css/bootstrap/privatebin.css?1.5.2
    • http://localhost:8080/css/noscript.css
    • http://localhost:8080/css/prettify/prettify.css?1.5.2
    • ..

  Ignored Alerts

  • Absence of Anti-CSRF Tokens [10202] total: 3:
  • CSP: Wildcard Directive [10055] total: 4:
  • CSP: script-src unsafe-eval [10055] total: 4:
  • CSP: Header & Meta [10055] total: 2:
  • Information Disclosure - Suspicious Comments [10027] total: 16:
  • Modern Web Application [10109] total: 3:

View the following link to download the report. RunnerID:5746187872