ZAP Scan Baseline Report #93
Description
- Site: https://www.zaproxy.org
New Alerts- Strict-Transport-Security Header Not Set [10035] total: 20:
- https://www.zaproxy.org/blog/2016-02-19-zap-newsletter-2016-february/images/image05.png
- https://www.zaproxy.org/faq/index.xml
- https://www.zaproxy.org/docs/desktop/addons/form-handler/images/formHandlerTable.PNG
- https://www.zaproxy.org/docs/desktop/addons/hud/index.xml
- https://www.zaproxy.org/docs/desktop/addons/websockets/images/106.png
- ..
- Cross-Domain Misconfiguration [10098] total: 20:
- https://www.zaproxy.org/img/faq/supportAddonVersion.png
- https://www.zaproxy.org/docs/desktop/addons/websockets/images/105.png
- https://www.zaproxy.org/blog/2020-03-04-dark-mode-in-the-weekly-release/images/zap-dark-desktop.png
- https://www.zaproxy.org/docs/desktop/images/fugue/forcedUserOff.png
- https://www.zaproxy.org/getting-started/images/alert-icons.png
- ..
- Retrieved from Cache [10050] total: 20:
- https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules-alpha/index.xml
- https://www.zaproxy.org/docs/desktop/addons/ajax-spider/tab/
- https://www.zaproxy.org/support/
- https://www.zaproxy.org/docs/desktop/addons/authentication-statistics/index.xml
- https://www.zaproxy.org/docs/desktop/addons/plug-n-hack/clientstab/
- ..
- Cross-Domain JavaScript Source File Inclusion [10017] total: 20:
- https://www.zaproxy.org/docs/desktop/releases/2.9.0/
- https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
- https://www.zaproxy.org/docs/desktop/addons/openapi-support/
- https://www.zaproxy.org/docs/desktop/start/features/globalexcludeurl/
- https://www.zaproxy.org/docs/desktop/addons/save-xml-message/
- ..
- X-Content-Type-Options Header Missing [10021] total: 20:
- https://www.zaproxy.org/docs/desktop/addons/browser-view/index.xml
- https://www.zaproxy.org/docs/index.xml
- https://www.zaproxy.org/img/faq/windows-settings-high-dpi.png
- https://www.zaproxy.org/docs/desktop/images/16/152.png
- https://www.zaproxy.org/docs/desktop/images/fugue/application-blue-export.png
- ..
- Timestamp Disclosure - Unix [10096] total: 20:
- https://www.zaproxy.org/blog/2014-03-10-hacking-zap-1-why-should-you/
- https://www.zaproxy.org/docs/desktop/releases/2.3.0/
- https://www.zaproxy.org/docs/desktop/ui/tlmenu/online/
- https://www.zaproxy.org/docs/desktop/addons/import-urls/
- https://www.zaproxy.org/faq/how-do-you-find-out-what-key-to-use-to-set-a-config-value-on-the-command-line/
- ..
- Incomplete or No Cache-control and Pragma HTTP Header Set [10015] total: 20:
- https://www.zaproxy.org/docs/desktop/start/features/index.xml
- https://www.zaproxy.org/zap-in-ten/
- https://www.zaproxy.org/docs/desktop/start/features/users/
- https://www.zaproxy.org/docs/desktop/addons/access-control-testing/tab/
- https://www.zaproxy.org/docs/desktop/addons/community-scripts/index.xml
- ..
- Content Security Policy (CSP) Header Not Set [10038] total: 20:
- https://www.zaproxy.org/docs/desktop/start/features/alerts/
- https://www.zaproxy.org/faq/why-am-i-getting-blank-zap-windows-on-linux/
- https://www.zaproxy.org/docs/desktop/addons/vulncheck/
- https://www.zaproxy.org/docs/desktop/ui/dialogs/addalert/
- https://www.zaproxy.org/docs/desktop/addons/forced-browse/
- ..
- Loosely Scoped Cookie [90033] total: 3:
- Application Error Disclosure [90022] total: 3:
- Information Disclosure - Debug Error Messages [10023] total: 2:
- Information Disclosure - Suspicious Comments [10027] total: 4:
- Cookie Without Secure Flag [10011] total: 2:
- Private IP Disclosure [2] total: 3:
- Reverse Tabnabbing [10108] total: 1:
- PII Scanner [10062] total: 1:
- Strict-Transport-Security Header Not Set [10035] total: 20:
View the following link to download the report.
RunnerID:74366119