ZAP Scan Baseline Report #3519
Description
-
Site: https://www.zaproxy.org
New Alerts- Source Code Disclosure - SQL [10099] total: 12:
- https://www.zaproxy.org/blog/2022-12-24-12-days-of-zapmas/
- https://www.zaproxy.org/blog/2025-04-09-portswigger-labs-broken-brute-force-protection-ip-block/
- https://www.zaproxy.org/docs/api/
- https://www.zaproxy.org/docs/desktop/addons/ajax-spider/scandialog/
- https://www.zaproxy.org/docs/desktop/addons/parameter-digger/dialog/
- ..
- Sub Resource Integrity Attribute Missing [90003] total: 5:
- Big Redirect Detected (Potential Sensitive Information Leak) [10044] total: 12:
- Insufficient Site Isolation Against Spectre Vulnerability [90004] total: 9:
- Permissions Policy Header Not Set [10063] total: 5:
- Modern Web Application [10109] total: 5:
- Storable and Cacheable Content [10049] total: 5:
- User Controllable HTML Element Attribute (Potential XSS) [10031] total: 1:
- Username Hash Found [10057] total: 2:
Ignored Alerts
- PII Disclosure [10062] total: 1:
- Application Error Disclosure [90022] total: 9:
- Content Security Policy (CSP) Header Not Set [10038] total: 5:
- Cross-Domain Misconfiguration [10098] total: 5:
- Cross-Domain JavaScript Source File Inclusion [10017] total: 5:
- Information Disclosure - Debug Error Messages [10023] total: 7:
- Private IP Disclosure [2] total: 12:
- Strict-Transport-Security Header Not Set [10035] total: 5:
- Timestamp Disclosure - Unix [10096] total: 3:
- X-Content-Type-Options Header Missing [10021] total: 5:
- Re-examine Cache-control Directives [10015] total: 5:
- Retrieved from Cache [10050] total: 10:
- Source Code Disclosure - SQL [10099] total: 12:
View the following link to download the report.
RunnerID:20905382583