ZAP Full Scan Report #178
Description
-
Site: http://dev.workwitheducation.gov.bc.ca
New Alerts- Non-Storable Content [10049] total: 1:
-
Site: https://dev.workwitheducation.gov.bc.ca
New Alerts- Proxy Disclosure [40025] total: 10:
- Bypassing 403 [40038] total: 2:
- Content Security Policy (CSP) Header Not Set [10038] total: 2:
- Insecure HTTP Method - TRACE [90028] total: 4:
- Sub Resource Integrity Attribute Missing [90003] total: 2:
- Vulnerable JS Library [10003] total: 1:
- Big Redirect Detected (Potential Sensitive Information Leak) [10044] total: 2:
- Cookie No HttpOnly Flag [10010] total: 3:
- Cookie Slack Detector [90027] total: 10:
- Cookie with SameSite Attribute None [10054] total: 2:
- Cookie without SameSite Attribute [10054] total: 6:
- Dangerous JS Functions [10110] total: 1:
- Insufficient Site Isolation Against Spectre Vulnerability [90004] total: 7:
- Permissions Policy Header Not Set [10063] total: 3:
- Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 8:
- Strict-Transport-Security Header Not Set [10035] total: 8:
- Timestamp Disclosure - Unix [10096] total: 16:
- Information Disclosure - Suspicious Comments [10027] total: 1:
- Non-Storable Content [10049] total: 4:
- Re-examine Cache-control Directives [10015] total: 2:
- Session Management Response Identified [10112] total: 5:
- Storable and Cacheable Content [10049] total: 4:
- User Agent Fuzzer [10104] total: 52:
View the following link to download the report.
RunnerID:15717084178