ZAP Full Scan Report

[github-actions]

• Site: http://localhost:8080
  New Alerts

  • Content Security Policy (CSP) Header Not Set [10038] total: 1:
    • http://localhost:8080/sitemap.xml
  • Vulnerable JS Library [10003] total: 1:
    • http://localhost:8080/js/bootstrap-3.4.1.js
  • Dangerous JS Functions [10110] total: 3:
    • http://localhost:8080/js/jquery-3.7.1.js
    • http://localhost:8080/js/legacy.js?1.7.4
    • http://localhost:8080/js/prettify.js?1.7.4
  • Permissions Policy Header Not Set [10063] total: 12:
    • http://localhost:8080/js/base-x-4.0.0.js
    • http://localhost:8080/js/bootstrap-3.4.1.js
    • http://localhost:8080/js/jquery-3.7.1.js
    • http://localhost:8080/js/kjua-0.9.0.js
    • http://localhost:8080/js/legacy.js?1.7.4
    • ..
  • Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 12:
    • http://localhost:8080
    • http://localhost:8080/
    • http://localhost:8080/css/bootstrap/bootstrap-3.4.1.css
    • http://localhost:8080/css/bootstrap/bootstrap-theme-3.4.1.css
    • http://localhost:8080/css/bootstrap/privatebin.css?1.7.4
    • ..
  • Non-Storable Content [10049] total: 2:
    • http://localhost:8080
    • http://localhost:8080/
  • Storable and Cacheable Content [10049] total: 10:
    • http://localhost:8080/css/bootstrap/bootstrap-3.4.1.css
    • http://localhost:8080/css/bootstrap/bootstrap-theme-3.4.1.css
    • http://localhost:8080/css/bootstrap/privatebin.css?1.7.4
    • http://localhost:8080/css/noscript.css
    • http://localhost:8080/css/prettify/prettify.css?1.7.4
    • ..

  Ignored Alerts

  • Absence of Anti-CSRF Tokens [10202] total: 2:
  • CSP: Wildcard Directive [10055] total: 4:
  • CSP: script-src unsafe-eval [10055] total: 4:
  • CSP: Header & Meta [10055] total: 2:
  • Information Disclosure - Suspicious Comments [10027] total: 16:
  • Modern Web Application [10109] total: 2:

View the following link to download the report.
RunnerID:10105091767

---

ZAP is supported by the Crash Override Open Source Fellowship

[github-actions]

• Site: http://localhost:8080
  Resolved Alerts
  • Dangerous JS Functions [10110] total: 3:
  • Permissions Policy Header Not Set [10063] total: 12:
  • Non-Storable Content [10049] total: 2:
  • Storable and Cacheable Content [10049] total: 10:

View the following link to download the report.
RunnerID:10362985018

[github-actions]

• Site: http://localhost:8080
  New Alerts
  • Dangerous JS Functions [10110] total: 3:
    • http://localhost:8080/js/jquery-3.7.1.js
    • http://localhost:8080/js/legacy.js?1.7.4
    • http://localhost:8080/js/prettify.js?1.7.4
  • Permissions Policy Header Not Set [10063] total: 12:
    • http://localhost:8080/js/base-x-4.0.0.js
    • http://localhost:8080/js/bootstrap-3.4.1.js
    • http://localhost:8080/js/jquery-3.7.1.js
    • http://localhost:8080/js/kjua-0.9.0.js
    • http://localhost:8080/js/legacy.js?1.7.4
    • ..
  • Non-Storable Content [10049] total: 2:
    • http://localhost:8080
    • http://localhost:8080/
  • Storable and Cacheable Content [10049] total: 9:
    • http://localhost:8080/css/bootstrap/bootstrap-3.4.1.css
    • http://localhost:8080/css/bootstrap/bootstrap-theme-3.4.1.css
    • http://localhost:8080/css/bootstrap/privatebin.css?1.7.4
    • http://localhost:8080/css/noscript.css
    • http://localhost:8080/img/apple-touch-icon.png
    • ..

View the following link to download the report.
RunnerID:10380793680