ZAP: Frontend #6
Description
- Site: https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
New Alerts- CSP: Wildcard Directive [10055] total: 4:
- CSP: script-src unsafe-eval [10055] total: 4:
- CSP: style-src unsafe-inline [10055] total: 4:
- Hidden File Found [40035] total: 4:
- Proxy Disclosure [40025] total: 11:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-CeBKo1PD.css
- ..
- Cookie with SameSite Attribute None [10054] total: 2:
- Deprecated Feature Policy Header Set [10063] total: 8:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-pMuu8lcV.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/mui-8gcr04a2.js
- ..
- Insufficient Site Isolation Against Spectre Vulnerability [90004] total: 11:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-CeBKo1PD.css
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/favicon.ico
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/sitemap.xml
- ..
- Timestamp Disclosure - Unix [10096] total: 2:
- Base64 Disclosure [10094] total: 2:
- Cookie Slack Detector [90027] total: 11:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-CeBKo1PD.css
- ..
- Information Disclosure - Suspicious Comments [10027] total: 13:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-pMuu8lcV.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-pMuu8lcV.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-pMuu8lcV.js
- ..
- Modern Web Application [10109] total: 4:
- Non-Storable Content [10049] total: 10:
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/axios-BI6HAyac.js
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-CeBKo1PD.css
- https://qs1-test-frontend.apps.silver.devops.gov.bc.ca/assets/index-pMuu8lcV.js
- ..
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
- Sec-Fetch-Site Header is Missing [90005] total: 3:
- Sec-Fetch-User Header is Missing [90005] total: 3:
- Session Management Response Identified [10112] total: 2:
View the following link to download the report.
RunnerID:12843431740