Owasp Zap Scanner Output 2024-02-29

OWASP ZAP Scan Report
Target: https://paavaierp.com/paavaipay/
All scanned sites: https://paavaierp.com
Javascript included from: https://cdnjs.cloudflare.com https://paavaierp.com

Generated on Thu, 29 Feb 2024 09:58:54
ZAP Version: 2.14.0
Summary of Alerts
Risk Level Number of Alerts
High 0
Medium 3
Low 7
Informational 4
Alerts
Name Risk Level Number of Instances
Absence of Anti-CSRF Tokens Medium 2

Content Security Policy (CSP) Header Not Set Medium 6
Missing Anti-clickjacking Header Medium 4
Cookie Without Secure Flag Low 1
Cross-Domain JavaScript Source File Inclusion Low 4
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Low 13
Server Leaks Version Information via "Server" HTTP Response Header Field Low 13
Strict-Transport-Security Header Not Set Low 13
X-AspNet-Version Response Header Low 11
X-Content-Type-Options Header Missing Low 11
Authentication Request Identified Informational 1
Re-examine Cache-control Directives Informational 4
Session Management Response Identified Informational 16
User Controllable HTML Element Attribute (Potential XSS) Informational 6
Passing Rules
Name Rule Type Threshold Strength
Verification Request Identified Passive MEDIUM -
Generated by HostedScan
Private IP Disclosure Passive MEDIUM -
Session ID in URL Rewrite Passive MEDIUM -
Insecure JSF ViewState Passive MEDIUM -
Vulnerable JS Library (Powered by Retire.js) Passive MEDIUM -
Charset Mismatch Passive MEDIUM -
Cookie No HttpOnly Flag Passive MEDIUM -
Content-Type Header Missing Passive MEDIUM -
Application Error Disclosure Passive MEDIUM -
Information Disclosure - Debug Error Messages Passive MEDIUM -
Information Disclosure - Sensitive Information in URL Passive MEDIUM -
Information Disclosure - Sensitive Information in HTTP Referrer Header Passive MEDIUM -
Information Disclosure - Suspicious Comments Passive MEDIUM -
Open Redirect Passive MEDIUM -
Cookie Poisoning Passive MEDIUM -
User Controllable Charset Passive MEDIUM -
WSDL File Detection Passive MEDIUM -
Loosely Scoped Cookie Passive MEDIUM -
Viewstate Passive MEDIUM -
Directory Browsing Passive MEDIUM -
Heartbleed OpenSSL Vulnerability (Indicative) Passive MEDIUM -
X-Backend-Server Header Information Leak Passive MEDIUM -
Secure Pages Include Mixed Content Passive MEDIUM -
HTTP to HTTPS Insecure Transition in Form Post Passive MEDIUM -
HTTPS to HTTP Insecure Transition in Form Post Passive MEDIUM -
User Controllable JavaScript Event (XSS) Passive MEDIUM -
Big Redirect Detected (Potential Sensitive Information Leak) Passive MEDIUM -
Retrieved from Cache Passive MEDIUM -
X-ChromeLogger-Data (XCOLD) Header Information Leak Passive MEDIUM -
Cookie without SameSite Attribute Passive MEDIUM -
CSP Passive MEDIUM -
X-Debug-Token Information Leak Passive MEDIUM -
Username Hash Found Passive MEDIUM -
PII Disclosure Passive MEDIUM -
Script Passive Scan Rules Passive MEDIUM -
Stats Passive Scan Rule Passive MEDIUM -
Timestamp Disclosure Passive MEDIUM -
Hash Disclosure Passive MEDIUM -
Cross-Domain Misconfiguration Passive MEDIUM -
Weak Authentication Method Passive MEDIUM -
Reverse Tabnabbing Passive MEDIUM -
Modern Web Application Passive MEDIUM -
Alert Detail
Medium Absence of Anti-CSRF Tokens
No Anti-CSRF tokens were found in a HTML submission form.
A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to
perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack
is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS,
CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused
deputy, and sea surf.
CSRF attacks are effective in a number of situations, including:

Description
* The victim has an active session on the target site.
* The victim is authenticated via HTTP auth on the target site.
* The victim is on the same local network as the target site.
CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose
information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS
can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL https://paavaierp.com/paavaipay/
Method GET
Parameter
Attack
Evidence <form method="post" action="./" id="form1">
Method POST
Parameter
Attack
Evidence <form method="post" action="./" id="form1">
Instances 2
Solution Phase: Architecture and Design
Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
For example, use anti-CSRF packages such as the OWASP CSRFGuard.
Phase: Implementation
Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.
Phase: Architecture and Design
Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable
(CWE-330).
Note that this can be bypassed using XSS.
Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended
to perform that operation.
Note that this can be bypassed using XSS.
Use the ESAPI Session Management control.
This control includes a component for CSRF.
Do not use the GET method for any request that triggers a state change.
Phase: Implementation
Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may
have disabled sending the Referer for privacy reasons.
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
Reference
https://cwe.mitre.org/data/definitions/352.html
CWE Id 352
WASC Id 9
Plugin Id 10202
Medium Content Security Policy (CSP) Header Not Set

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data
injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP
Description
headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript,
CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
Method GET
Parameter
Attack
Evidence
URL https://paavaierp.com/paavaipay/Handler.ashx
Method GET
Parameter
Attack
Evidence
URL https://paavaierp.com/paavaipay/Handler6.ashx
Method GET
Parameter
Attack
Evidence
URL https://paavaierp.com/robots.txt
Method GET
Parameter
Attack
Evidence
URL https://paavaierp.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Method POST
Parameter
Attack
Evidence
Instances 6
Solution Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
https://www.w3.org/TR/CSP/
Reference https://w3c.github.io/webappsec-csp/
https://web.dev/articles/csp
https://caniuse.com/#feat=contentsecuritypolicy
https://content-security-policy.com/
CWE Id 693
WASC Id 15
Plugin Id 10038
Medium Missing Anti-clickjacking Header

Description The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
Method GET
Parameter x-frame-options
Attack
Evidence
Method GET
Attack
Evidence
Method GET
Attack
Evidence
Method POST
Attack
Evidence
Instances 4
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your
site/app.
Solution
If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never
expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
CWE Id 1021
WASC Id 15
Plugin Id 10020
Low Cookie Without Secure Flag

Description A cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.
Method GET
Parameter ASP.NET_SessionId
Attack
Evidence Set-Cookie: ASP.NET_SessionId
Instances 1
Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted channel. Ensure that the secure flag
Solution
is set for cookies containing such sensitive information.
https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-
Reference
Testing_for_Cookies_Attributes.html
CWE Id 614
WASC Id 13
Plugin Id 10011
Low Cross-Domain JavaScript Source File Inclusion

Description The page includes one or more script files from a third-party domain.
Method GET
Parameter https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Attack
Evidence <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
Method GET
Parameter https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
Attack
Evidence <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js"></script>
Method POST
Parameter https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Attack
Evidence <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
Method POST
Parameter https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js
Attack
Evidence <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js"></script>
Instances 4
Solution Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
Reference
CWE Id 829
WASC Id 15
Plugin Id 10017
Low Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Access to such information may facilitate attackers
Description
identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Method GET
Parameter
Attack
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/ScriptResource.axd?d=3-jcMy4j5U6S08XPVYh3zsyXvFiZWKPI8HShS-
URL 60mZe767XJvLLbeBiv13b_DnHpZmkom49pKuV4BOKcCc_KhRU-HuYQSm4AeSQ-IwVZUgRVaBDk09sv-
mehTz0heDUR6qXhpFnoH9NMLt5zxgG0Vw2&t=ffffffffe4ec58b9
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/ScriptResource.axd?d=c-lsySMsiEQGnQ-JYSnm8WJ-
URL x72vn8GTGF6_4rU02PRP7E6tvEn7zdIuLtudBZpwldFQkacFePr2xRNJhNY_mwvQQQJD-
uDfciQrBKWBzyB7Vm37jf0gti3uRXcI3A3RnNOrz6nT4rtuIaGOuwDHQg2&t=ffffffffe4ec58b9
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/ScriptResource.axd?d=JI9ntrl7F0Y-29ejiQIu08E5lYAYVWBBixmyaduCfFKyKWrgEcGgh71MB0YpqWspcuZM4n2OzE-
URL
olBNHoxW574ilmEAT4ObFfYD39itrE8xxIyKCoNqZlDArYQ_lvHMmXiH7ctq16snQXAf-2Oq2vQ2&t=ffffffffe4ec58b9
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/ScriptResource.axd?d=qXiWEEfKGmd8Tzj56bggEQgrxziaT1-rfH0vGVpbZBEX01jQMs-
URL
uyvcKlAS3HMRbfpAX7LBzYFJFRB9AlWu8N0Ct4e8me0ei6RfIkhDxAKo0fVHiln5EPscZDBnuF3j5DpGWN3lPTnTieaLJwbuwbA2&t=ffffffffe4ec58b9
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/ScriptResource.axd?d=x8O4UuishFSc4f4L3wA6frO_VgzpcVG48i_-
URL kv6UsE2OqiWcXDQPz1y_HYULdAsTGT_cM1xVZmACNan5s2u-
l95tXvMqItiWAr4OAddBdMS7H4tG7Fl6FjGQbO5JRBJ6pdMyyYBgpJ9r3Ob7V4zxqK75twuUyNK1zG8FntZxCFo1&t=ffffffffe4ec58b9
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/WebResource.axd?
URL d=VknKo04Z8R7dKv8swXnZ1g2caaU_CTyJ0YYl_LJBz0mvmAs0lKvvgdaBQdBZzzBDOU2Hhvg32wcQda3n1Zao0NjffDPF5EtOJAg60Gck1Lw1&t=63806002348
4664551
Method GET
Parameter
Attack
https://paavaierp.com/paavaipay/WebResource.axd?d=znbxMyHTMwNWgoaBzqNj0eBtz5uQn-iUxyXBgLosfgjhEUsd85uG-
URL
ErpKKIQ4tIj7yApkDwvknMiPCm5WDR9-w_OVPQZa5m_-W7jNP0TyFc1&t=638060023484664551
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method POST
Parameter
Attack
Instances 13
Solution Ensure that your web server, application server, load balancer, etc. is configured to suppress "X-Powered-By" headers.
https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/08-
Reference Fingerprint_Web_Application_Framework
https://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
CWE Id 200
WASC Id 13
Plugin Id 10037
Low Server Leaks Version Information via "Server" HTTP Response Header Field
The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying
Description
other vulnerabilities your web/application server is subject to.
Method GET
Parameter
Attack
Evidence Microsoft-IIS/10.0
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method GET
Parameter
Attack
URL
Method GET
Parameter
Attack
URL
Method GET
Parameter
Attack
Method GET
Parameter
Attack
4664551
Method GET
Parameter
Attack
URL
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method GET
Parameter
Attack
Method POST
Parameter
Attack
Instances 13
Solution Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.
https://httpd.apache.org/docs/current/mod/core.html#servertokens
Reference https://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)
https://www.troyhunt.com/shhh-dont-let-your-response-headers/
CWE Id 200
WASC Id 13
Plugin Id 10036
Low Strict-Transport-Security Header Not Set

HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser)
Description are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC
6797.
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
URL
Method GET
Parameter
Attack
Evidence
URL
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
4664551
Method GET
Parameter
Attack
Evidence
URL
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
Method GET
Parameter
Attack
Evidence
Method POST
Parameter
Attack
Evidence
Instances 13
Solution Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.
https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html
https://owasp.org/www-community/Security_Headers
Reference https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://caniuse.com/stricttransportsecurity
https://datatracker.ietf.org/doc/html/rfc6797
CWE Id 319
WASC Id 15
Plugin Id 10035
Low X-AspNet-Version Response Header

Description Server leaks information via "X-AspNet-Version"/"X-AspNetMvc-Version" HTTP response header field(s).
Method GET
Parameter
Attack
Evidence 4.0.30319
Method GET
Parameter
Attack
Evidence 4.0.30319
Method GET
Parameter
Attack
Evidence 4.0.30319
Method GET
Parameter
Attack
Evidence 4.0.30319
Method GET
Parameter
Attack
Evidence 4.0.30319
URL https://paavaierp.com/paavaipay/ScriptResource.axd?d=JI9ntrl7F0Y-29ejiQIu08E5lYAYVWBBixmyaduCfFKyKWrgEcGgh71MB0YpqWspcuZM4n2OzE-
Method GET
Parameter
Attack
Evidence 4.0.30319
URL
Method GET
Parameter
Attack
Evidence 4.0.30319
Method GET
Parameter
Attack
Evidence 4.0.30319
4664551
Method GET
Parameter
Attack
Evidence 4.0.30319
URL
Method GET
Parameter
Attack
Evidence 4.0.30319
Method POST
Parameter
Attack
Evidence 4.0.30319
Instances 11
Solution Configure the server so it will not return those headers.
https://www.troyhunt.com/shhh-dont-let-your-response-headers/
Reference
https://blogs.msdn.microsoft.com/varunm/2013/04/23/remove-unwanted-http-response-headers/
CWE Id 933
WASC Id 14
Plugin Id 10061
Low X-Content-Type-Options Header Missing
The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-
Description sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type.
Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
Method GET
Parameter x-content-type-options
Attack
Evidence
Method GET
Attack
Evidence
Method GET
Attack
Evidence
Method GET
Attack
Evidence
Method GET
Attack
Evidence
URL
Method GET
Attack
Evidence
URL
Method GET
Attack
Evidence
Method GET
Attack
Evidence
4664551
Method GET
Attack
Evidence
URL
Method GET
Attack
Evidence
Method POST
Attack
Evidence
Instances 11
Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web
pages.
Solution
If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by
the web application/web server to not perform MIME-sniffing.
https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)
Reference
https://owasp.org/www-community/Security_Headers
CWE Id 693
WASC Id 15
Plugin Id 10021
Informational Authentication Request Identified

The given request has been identified as an authentication request. The 'Other Info' field contains a set of key=value lines which identify any relevant fields. If the
Description
request is in a context which has an Authentication Method set to "Auto-Detect" then this rule will change the authentication to match the request identified.
Method POST
Parameter rblOnlineAppLoginMode
Attack
Evidence txtpassword
Instances 1
Solution This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/
CWE Id
WASC Id
Plugin Id 10111
Informational Re-examine Cache-control Directives

The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files
Description
this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.
Method GET
Parameter cache-control
Attack
Evidence private
Method GET
Attack
Evidence private
Method GET
Attack
Evidence private
Method POST
Attack
Evidence private
Instances 4
For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the
Solution
directives "public, max-age, immutable".
https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#web-content-caching
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
https://grayduck.mn/2021/09/13/cache-control-recommendations/
CWE Id 525
WASC Id 13
Plugin Id 10015
Informational Session Management Response Identified

Description The given response has been identified as containing a session management token. The 'Other Info' field contains a set of header tokens that can be used in the
Header Based Session Management Method. If the request is in a context which has a Session Management Method set to "Auto-Detect" then this rule will
change the session management to use the tokens identified.
Method GET
Attack
Evidence 5fdn0vdz3kbyqo0rkeqtoz3a
Method GET
Attack
Evidence gvph254gbwdk140k44mk0yxk
Method GET
Attack
Evidence i0dpc5nbowofomx0t35sxdkz
Method GET
Attack
Evidence mfwvin2gzxmy3lsui5w2h1dd
Method GET
Attack
Evidence y1slvcwhumvxtqhfjtmwinfk
URL https://paavaierp.com/favicon.ico
Method GET
Attack
Evidence 5fdn0vdz3kbyqo0rkeqtoz3a
Method GET
Attack
Method GET
Attack
Evidence mfwvin2gzxmy3lsui5w2h1dd
Method GET
Attack
Method GET
Attack
Method GET
Attack
Method GET
Attack
Method GET
Attack
Method GET
Attack
Method GET
Attack
4664551
Method GET
Attack
Instances 16
Solution This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/session-mgmt-id
CWE Id
WASC Id
Plugin Id 10112
Informational User Controllable HTML Element Attribute (Potential XSS)

This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This
Description
provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
Method POST
Parameter __EVENTVALIDATION
Attack
Evidence
Method POST
Parameter __VIEWSTATE
Attack
Evidence
Method POST
Parameter __VIEWSTATEGENERATOR
Attack
Evidence
Method POST
Parameter Button1
Attack
Evidence
Method POST
Parameter Button1
Attack
Evidence
Method POST
Parameter txtuname
Attack
Evidence
Instances 6
Solution Validate all input and sanitize output it before writing to any HTML attributes.
Reference https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html
CWE Id 20
WASC Id 20
Plugin Id 10031

Owasp Zap Scanner Output 2024-02-29

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Owasp Zap Scanner Output 2024-02-29

Uploaded by

Copyright:

Available Formats

OWASP ZAP Scan Report

Javascript included from: https://cdnjs.cloudflare.com https://paavaierp.com

ZAP Version: 2.14.0

Risk Level Number of Alerts

Name Risk Level Number of Instances

Absence of Anti-CSRF Tokens Medium 2

Name Rule Type Threshold Strength

Verification Request Identified Passive MEDIUM -

CSRF attacks are effective in a number of situations, including:

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Architecture and Design

Note that this can be bypassed using XSS.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Medium Content Security Policy (CSP) Header Not Set

Medium Missing Anti-clickjacking Header

Low Cookie Without Secure Flag

Low Cross-Domain JavaScript Source File Inclusion

Low Strict-Transport-Security Header Not Set

Low X-AspNet-Version Response Header

Informational Authentication Request Identified

Informational Re-examine Cache-control Directives

Informational Session Management Response Identified

Informational User Controllable HTML Element Attribute (Potential XSS)

You might also like