ZAP Full Scan Report #1
Description
-
Site: https://filevaultwebapp.azurewebsites.net
New Alerts- CSP: Wildcard Directive [10055] total: 2:
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
- Missing Anti-clickjacking Header [10020] total: 1:
- Proxy Disclosure [40025] total: 6:
- Sub Resource Integrity Attribute Missing [90003] total: 1:
- Cookie Without Secure Flag [10011] total: 5:
- Cookie with SameSite Attribute None [10054] total: 5:
- Cookie without SameSite Attribute [10054] total: 5:
- HTTPS Content Available via HTTP [10047] total: 4:
- Insufficient Site Isolation Against Spectre Vulnerability [90004] total: 5:
- Permissions Policy Header Not Set [10063] total: 4:
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 5:
- Strict-Transport-Security Header Not Set [10035] total: 5:
- X-Content-Type-Options Header Missing [10021] total: 3:
- Cookie Slack Detector [90027] total: 6:
- Information Disclosure - Suspicious Comments [10027] total: 1:
- Modern Web Application [10109] total: 1:
- Re-examine Cache-control Directives [10015] total: 1:
- Session Management Response Identified [10112] total: 5:
- Storable and Cacheable Content [10049] total: 2:
- Storable but Non-Cacheable Content [10049] total: 3:
View the following link to download the report.
RunnerID:13418538714