Comprehensive New Https Tech Jobs Credit Agricole Com
Scan Detail
Target https://tech-jobs.credit-agricole.com
Scan Type Full Scan
Start Time May 5, 2023, 4:06:24 PM GMT+3
Scan Duration 1 hour, 15 minutes
Requests 98818
Average Response Time 193ms
Maximum Response Time 10199ms
Severity        Instances
High            1
Medium          1
Low             5
Informational   6
Total           13
Informational
Instances
Content Security Policy (CSP) not implemented 1
File uploads 1
Outdated JavaScript libraries 1
Others 3
Low Severity
Instances
Clickjacking: X-Frame-Options header 1
Documentation files 1
HTTP Strict Transport Security (HSTS) not imp… 1
Others 2
Medium Severity
Instances
TLS 1.1 enabled 1
High Severity
Instances
TLS 1.0 enabled 1
TLS 1.0 enabled
The web server supports encryption through TLS 1.0, which was formally deprecated in March 2021 as a
result of inherent security issues. In addition, TLS 1.0 is not considered to be "strong cryptography" as
defined and required by the PCI Data Security Standard 3.2(.1) when used to protect sensitive information
transferred to or from web sites. According to PCI, "30 June 2018 is the deadline for disabling SSL/early
TLS and implementing a more secure encryption protocol – TLS 1.1 or higher (TLS v1.2 is strongly
encouraged) in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data."
Impact
An attacker may be able to exploit this problem to conduct man-in-the-middle attacks and decrypt
communications between the affected service and clients.
Recommendation
It is recommended to disable TLS 1.0 and replace it with TLS 1.2 or higher.
References
Are You Ready for 30 June 2018? Saying Goodbye to SSL/early TLS
https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls
the deadline for disabling SSL/early TLS and implementing a more secure encryption protocol – TLS 1.1 or
higher (TLS v1.2 is strongly encouraged) in order to meet the PCI Data Security Standard (PCI DSS) for
safeguarding payment data.
Impact
An attacker may be able to exploit this problem to conduct man-in-the-middle attacks and decrypt
communications between the affected service and clients.
Recommendation
It is recommended to disable TLS 1.1 and replace it with TLS 1.2 or higher.
References
Clickjacking: X-Frame-Options header
The server did not return an X-Frame-Options header with the value DENY or SAMEORIGIN, which means
that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can
be used to indicate whether or not a browser should be allowed to render a page inside a frame or iframe.
Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into
untrusted sites.
Impact
The impact depends on the affected web application.
https://tech-jobs.credit-agricole.com/
Paths without secure XFO header:
https://tech-jobs.credit-agricole.com/questionnaire/
https://tech-jobs.credit-agricole.com/
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
Configure your web server to include an X-Frame-Options header and a CSP header with a frame-ancestors
directive. Consult the web references for more information about the possible values for this header.
References
Clickjacking
https://en.wikipedia.org/wiki/Clickjacking
OWASP Clickjacking
https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html
Documentation files
One or more documentation files (e.g. readme.txt, changelog.txt, ...) were found. The information
contained in these files could help an attacker identify the web application you are using and sometimes
the version of the application. It's recommended to remove these files from production systems.
Impact
These files may disclose sensitive information. This information can be used to launch further attacks.
https://tech-jobs.credit-agricole.com/
Documentation files:
https://tech-jobs.credit-agricole.com/license.txt
File contents (first 100 characters):
Request
GET /license.txt HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Host: tech-jobs.credit-agricole.com
Connection: Keep-alive
Recommendation
Remove or restrict access to all documentation files accessible from the internet.
HTTP Strict Transport Security (HSTS) tells a browser that a web site is only accessible using HTTPS. It was
detected that your web application doesn't implement HTTP Strict Transport Security (HSTS) as the Strict
Transport Security header is missing from the response.
Impact
HSTS can be used to prevent and/or mitigate some types of man-in-the-middle (MitM) attacks.
https://tech-jobs.credit-agricole.com/
URLs where HSTS is not enabled:
https://tech-jobs.credit-agricole.com/questionnaire/
https://tech-jobs.credit-agricole.com/
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
It's recommended to implement HTTP Strict Transport Security (HSTS) in your web application. Consult
the web references for more information.
References
hstspreload.org
https://hstspreload.org/
Strict-Transport-Security
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
WordPress admin accessible without HTTP authentication
It's recommended to restrict access to the WordPress administration dashboard using HTTP
authentication. Password protecting your WordPress admin dashboard through a layer of HTTP
authentication is an effective measure to thwart attackers attempting to guess users' passwords.
Additionally, if attackers manage to steal a user's password, they will still need to get past HTTP
authentication in order to reach the WordPress login form.
Impact
No impact is associated with this vulnerability.
https://tech-jobs.credit-agricole.com/wp-admin/
Request
GET /wp-admin/ HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Host: tech-jobs.credit-agricole.com
Connection: Keep-alive
Recommendation
Add server-side password protection (such as BasicAuth) to the /wp-admin/ directory. Consult web
references for more information.
References
Securing wp-admin
https://codex.wordpress.org/Hardening_WordPress
WordPress includes a REST API that can be used to list the information about the registered users on a
WordPress installation. The REST API exposed user data for all users who had authored a post of a public
post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown
within the REST API.
Impact
An unauthenticated attacker can gain access to the list of users on a WordPress installation. This can be
exploited by bots that are launching brute-force password guessing attacks on WordPress websites.
https://tech-jobs.credit-agricole.com/
Request
GET /wp-json/wp/v2/users HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Host: tech-jobs.credit-agricole.com
Connection: Keep-alive
Recommendation
Install a WordPress plugin such as Stop User Enumeration. Stop User Enumeration is a security plugin
designed to detect and prevent hackers scanning your site for user names.
References
Content Security Policy (CSP) not implemented
Content Security Policy (CSP) can be implemented by adding a Content-Security-Policy header. The value
of this header is a string containing the policy directives describing your Content Security Policy. To
implement CSP, you should define lists of allowed origins for all of the types of resources that your site
utilizes. For example, if you have a simple site that needs to load scripts, stylesheets, and images hosted
locally, as well as from the jQuery library from their CDN, the CSP header could look like the following:
Content-Security-Policy:
default-src 'self';
script-src 'self' https://code.jquery.com;
It was detected that your web application doesn't implement Content Security Policy (CSP) as the CSP
header is missing from the response. It's recommended to implement Content Security Policy (CSP) into
your web application.
Impact
CSP can be used to prevent and/or mitigate attacks that involve content/code injection, such as cross-site
scripting/XSS attacks, attacks that require embedding a malicious resource, attacks that involve malicious
use of iframes, such as clickjacking attacks, and others.
https://tech-jobs.credit-agricole.com/
Paths without CSP header:
https://tech-jobs.credit-agricole.com/questionnaire/
https://tech-jobs.credit-agricole.com/
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
It's recommended to implement Content Security Policy (CSP) into your web application. Configuring
Content Security Policy involves adding the Content-Security-Policy HTTP header to a web page and
giving it values to control resources the user agent is allowed to load for that page.
References
File uploads
These pages allow visitors to upload files to the server. Various web applications allow users to upload
files (such as pictures, images, sounds, ...). Uploaded files may pose a significant risk if not handled
correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted
filename or MIME type and execute arbitrary code.
Impact
If the uploaded files are not safely checked an attacker may upload malicious files.
https://tech-jobs.credit-agricole.com/
Pages with file upload forms:
https://tech-jobs.credit-agricole.com/questionnaire/
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
Restrict file types accepted for upload: check the file extension and only allow certain files to be uploaded.
Use a whitelist approach instead of a blacklist. Check for double extensions such as .php.png. Check for
files without a filename like .htaccess (on ASP.NET, check for configuration files like web.config). Change
the permissions on the upload folder so the files within it are not executable. If possible, rename the files
that are uploaded.
Outdated JavaScript libraries
Impact
Consult References for more information.
Lodash 1.13.6
URL: https://tech-jobs.credit-agricole.com/questionnaire/
Detection method: The library's name and version were determined based on its dynamic behavior.
References:
https://github.com/lodash/lodash/tags
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
Upgrade to the latest version.
Impact
https://tech-jobs.credit-agricole.com/
Locations without Permissions-Policy header:
https://tech-jobs.credit-agricole.com/questionnaire/
https://tech-jobs.credit-agricole.com/
https://tech-jobs.credit-agricole.com/xmlrpc.php
https://tech-jobs.credit-agricole.com/wp-json/oembed/1.0/embed
https://tech-jobs.credit-agricole.com/comments/feed/
https://tech-jobs.credit-agricole.com/cgu/
https://tech-jobs.credit-agricole.com/mentions-legales/
https://tech-jobs.credit-agricole.com/feed/
https://tech-jobs.credit-agricole.com/wp-json/
https://tech-jobs.credit-agricole.com/wp-admin/
https://tech-jobs.credit-agricole.com/license.txt
https://tech-jobs.credit-agricole.com/__ovhp/
https://tech-jobs.credit-agricole.com/comments/
https://tech-jobs.credit-agricole.com/__ovhp/common/font/
https://tech-jobs.credit-agricole.com/__ovhp/common/img/
https://tech-jobs.credit-agricole.com/wp-admin/admin-ajax.php
https://tech-jobs.credit-agricole.com/wp-json/oembed/
https://tech-jobs.credit-agricole.com/wp-json/wp/v2/pages/8
https://tech-jobs.credit-agricole.com/wp-json/wp/
https://tech-jobs.credit-agricole.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css
https://tech-jobs.credit-agricole.com/__ovhp/common/
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
References
Impact
An attacker might use the disclosed information to harvest specific security vulnerabilities for the version
identified.
https://tech-jobs.credit-agricole.com/
Version detected: PHP/8.0.
Recommendation
Configure your web server to prevent information leakage from its HTTP response.
References
PHP Documentation: header_remove()
https://www.php.net/manual/en/function.header-remove.php
Third-party resources (such as scripts and stylesheets) can be manipulated. An attacker who has access to
or has compromised the hosting CDN can manipulate or replace the files. SRI allows developers to specify a
base64-encoded cryptographic hash of the resource to be loaded. The integrity attribute containing the hash
is then added to the <script> HTML element tag. The integrity string consists of a prefix naming the hash
algorithm, which can be sha256, sha384 or sha512, followed by a dash and the base64-encoded hash (for
example, sha384-...).
The script loaded from the external URL specified in the Details section doesn't implement Subresource
Integrity (SRI). It's recommended to implement Subresource Integrity (SRI) for all the scripts loaded from
external hosts.
Impact
An attacker that has access or has hacked the hosting CDN can manipulate or replace the files.
https://tech-jobs.credit-agricole.com/questionnaire/
Pages where SRI is not implemented:
https://tech-jobs.credit-agricole.com/questionnaire/
Script SRC: https://www.googletagmanager.com/gtag/js?id=UA-264300841-1
https://tech-jobs.credit-agricole.com/questionnaire/
Script SRC: https://www.google.com/recaptcha/api.js?render=explicit&ver=3.12.3
Request
GET /questionnaire/ HTTP/1.1
Host: tech-jobs.credit-agricole.com
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
accept-language: en-US
Purpose: prefetch
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://tech-jobs.credit-agricole.com/
Accept-Encoding: gzip,deflate,br
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.0.0 Safari/537.36
Recommendation
Use the SRI Hash Generator link (from the References section) to generate a <script> element that
implements Subresource Integrity (SRI).
For example, you can use the following <script> element to tell a browser that before executing the
https://example.com/example-framework.js script, the browser must first compare the script to the
expected hash, and verify that there's a match.
<script src="https://example.com/example-framework.js"
integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
crossorigin="anonymous"></script>
References
Subresource Integrity
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
Coverage
https://tech-jobs.credit-agricole.com
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
Inputs
GET p
__ovhp
common
css
style.css
font
img
cgu
comments
feed
feed
mentions-legales
questionnaire
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
Inputs
POST form_fields[field_032e81c], form_fields[field_1b2caac], form_fields[field_1be5f0b],
form_fields[field_2387f56], form_fields[field_633be20], form_fields[field_64ca02e], form_fields[field_6f50663],
form_fields[field_951092e], form_fields[field_9659507], form_fields[field_b0185b2],
form_fields[field_b16a1dd], form_fields[field_cloud][], form_fields[field_d81bc45], form_fields[field_email],
form_fields[field_experience], form_fields[field_fd4f891], form_fields[field_linkedin],
form_fields[field_mainframe], form_fields[field_prenom], form_fields[field_scoop], form_fields[input1],
form_fields[input2], form_fields[input3], form_fields[input4], form_fields[input5], form_fields[name], form_id,
post_id, queried_id, referer_title
wp-admin
admin-ajax.php
Inputs
POST post_id, form_id, referer_title, queried_id, form_fields[input1], form_fields[input2],
form_fields[input3], form_fields[input4], form_fields[input5], form_fields[field_64ca02e],
form_fields[field_1b2caac], form_fields[field_6f50663], form_fields[field_1be5f0b],
form_fields[field_633be20], form_fields[field_mainframe], form_fields[field_cloud][],
form_fields[field_d81bc45], form_fields[field_fd4f891], form_fields[field_9659507],
form_fields[field_experience], form_fields[field_951092e], form_fields[field_prenom], form_fields[name],
form_fields[field_b16a1dd], form_fields[field_email], form_fields[field_scoop], form_fields[field_032e81c],
form_fields[field_linkedin], form_fields[field_2387f56], form_fields[field_b0185b2], action, referrer
wp-content
cache
min
1
wp-content
plugins
elementor
assets
lib
eicons
css
elementor-icons.min.css
font-awesome
css
solid.min.css
swiper
v8
css
swiper.min.css
uploads
custom-css-js
1623.css
3480.css
useanyfont
uaf.css
plugins
elementor-pro
assets
css
frontend-lite.min.css
js
elements-handlers.min.js
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
form.72b77b99d67b130634d2.bundle.min.js
frontend.min.js
popup.483b906ddaa1af17ff14.bundle.min.js
webpack-pro.runtime.min.js
lib
smartmenus
jquery.smartmenus.min.js
sticky
jquery.sticky.min.js
modules
lottie
assets
animations
default.json
elementor
assets
css
frontend-lite.min.css
js
frontend-modules.min.js
frontend.min.js
webpack.runtime.min.js
lib
animations
animations.min.css
dialog
dialog.min.js
eicons
css
elementor-icons.min.css
fonts
font-awesome
css
fontawesome.min.css
solid.min.css
webfonts
swiper
v8
css
swiper.min.css
waypoints
waypoints.min.js
preloader-plus
assets
css
preloader-plus.min.css
js
preloader-plus.min.js
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
smart-slider-3
Public
SmartSlider3
Application
Frontend
Assets
dist
n2.min.js
smartslider-frontend.min.js
Slider
SliderType
Simple
Assets
dist
ss-simple.min.js
Widget
Arrow
ArrowImage
Assets
dist
w-arrow-image.min.js
wp-rocket
assets
img
js
lazyload
17.8.3
lazyload.min.js
wpforms-lite
assets
js
integrations
elementor
frontend.min.js
themes
hello-elementor
assets
js
hello-frontend.min.js
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
style.min.css
theme.min.css
uploads
2023
03
04
Gotham-Book.otf
custom-css-js
1623.css
3480.css
elementor
css
global.css
post-318.css
post-6.css
post-8.css
useanyfont
uaf.css
wp-includes
css
dist
block-library
style.min.css
classic-themes.min.css
js
dist
vendor
regenerator-runtime.min.js
wp-polyfill-inert.min.js
wp-polyfill.min.js
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
hooks.min.js
i18n.min.js
jquery
ui
core.min.js
#fragments
wp-duotone-blue-orange
wp-duotone-blue-red
wp-duotone-dark-grayscale
wp-duotone-grayscale
wp-duotone-magenta-yellow
wp-duotone-midnight
wp-duotone-purple-green
wp-duotone-purple-yellow
jquery-migrate.min.js
jquery.min.js
underscore.min.js
wp-util.min.js
wlwmanifest.xml
wp-json
oembed
1.0
embed
Inputs
GET url, format
wp
v2
pages
21
users
license.txt
robots.txt
xmlrpc.php