not-gov.uk: ZAP Scan Baseline Report
github-actions commented
- Site: https://not-gov.uk
New Alerts
- Absence of Anti-CSRF Tokens [10202] total: 12:
- Application Error Disclosure [90022] total: 1:
- CSP: Wildcard Directive [10055] total: 3:
- CSP: script-src unsafe-inline [10055] total: 3:
- CSP: style-src unsafe-inline [10055] total: 3:
- Content Security Policy (CSP) Header Not Set [10038] total: 4:
- Strict-Transport-Security Header Not Set [10035] total: 11:
- Timestamp Disclosure - Unix [10096] total: 7:
- X-Content-Type-Options Header Missing [10021] total: 11:
- Information Disclosure - Suspicious Comments [10027] total: 11:
- Modern Web Application [10109] total: 12:
- Re-examine Cache-control Directives [10015] total: 11:
- Retrieved from Cache [10050] total: 11:
- User Controllable HTML Element Attribute (Potential XSS) [10031] total: 17:
View the following link to download the report.
RunnerID:2525464279