ZAP Scan Baseline Report
github-actions opened this issue · comments
github-actions commented
- Site: https://security.c4po.dev
New Alerts- CSP: Wildcard Directive [10055] total: 2:
- CSP: style-src unsafe-inline [10055] total: 1:
- Content Security Policy (CSP) Header Not Set [10038] total: 2:
- Cross-Domain Misconfiguration [10098] total: 11:
- Missing Anti-clickjacking Header [10020] total: 2:
- Source Code Disclosure - PHP [10099] total: 1:
- Permissions Policy Header Not Set [10063] total: 4:
- Strict-Transport-Security Header Not Set [10035] total: 11:
- X-Content-Type-Options Header Missing [10021] total: 11:
- Base64 Disclosure [10094] total: 3:
- CSP: Header & Meta [10055] total: 1:
- Information Disclosure - Suspicious Comments [10027] total: 2:
- Modern Web Application [10109] total: 2:
- Re-examine Cache-control Directives [10015] total: 4:
- Retrieved from Cache [10050] total: 11:
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
- Sec-Fetch-Site Header is Missing [90005] total: 2:
- Sec-Fetch-User Header is Missing [90005] total: 2:
- Storable and Cacheable Content [10049] total: 11:
View the following link to download the report.
RunnerID:6245837833