diff --git a/documentation/package-lock.json b/documentation/package-lock.json index b66888ef18..73819ad910 100644 --- a/documentation/package-lock.json +++ b/documentation/package-lock.json @@ -21,21 +21,21 @@ "mustache": "^4.2.0", "node-fetch": "^3.1.1", "prism-react-renderer": "^2.4.1", - "react": "^19.0.0", - "react-dom": "^19.0.0", + "react": "^19.1.0", + "react-dom": "^19.1.0", "rimraf": "^6.0.1", - "sass": "1.85" + "sass": "1.86" }, "devDependencies": { "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.7.0", "@docusaurus/types": "^3.6.0", - "@types/node": "^22.13.8", - "@types/react": "^19.0.10", + "@types/node": "^22.14.0", + "@types/react": "^19.1.0", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", "sass-loader": "^16.0.5", - "typescript": "^5.8.2" + "typescript": "^5.8.3" }, "engines": { "node": ">=18.0" @@ -5404,12 +5404,12 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.13.8", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.8.tgz", - "integrity": "sha512-G3EfaZS+iOGYWLLRCEAXdWK9my08oHNZ+FHluRiggIYJPOXzhOiDgpVCUHaUvyIC5/fj7C/p637jdzC666AOKQ==", + "version": "22.14.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.14.0.tgz", + "integrity": "sha512-Kmpl+z84ILoG+3T/zQFyAJsU6EPTmOCj8/2+83fSN6djd6I4o7uOuGIH6vq3PrjY5BGitSbFuMN18j3iknubbA==", "license": "MIT", "dependencies": { - "undici-types": "~6.20.0" + "undici-types": "~6.21.0" } }, "node_modules/@types/node-forge": { @@ -5448,9 +5448,9 @@ "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==" }, "node_modules/@types/react": { - "version": "19.0.10", - "resolved": "https://registry.npmjs.org/@types/react/-/react-19.0.10.tgz", - "integrity": "sha512-JuRQ9KXLEjaUNjTWpzuR231Z2WpIwczOkBEIvbHNCzQefFIT0L8IqE6NV6ULLyC1SI/i234JnDoMkfg+RjQj2g==", + "version": "19.1.0", + "resolved": "https://registry.npmjs.org/@types/react/-/react-19.1.0.tgz", + "integrity": "sha512-UaicktuQI+9UKyA4njtDOGBD/67t8YEBt2xdfqu8+gP9hqPUPsiXlNPcpS2gVdjmis5GKPG3fCxbQLVgxsQZ8w==", "license": "MIT", "dependencies": { "csstype": "^3.0.2" @@ -8257,9 +8257,10 @@ } }, "node_modules/estree-util-value-to-estree": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/estree-util-value-to-estree/-/estree-util-value-to-estree-3.2.1.tgz", - "integrity": "sha512-Vt2UOjyPbNQQgT5eJh+K5aATti0OjCIAGc9SgMdOFYbohuifsWclR74l0iZTJwePMgWYdX1hlVS+dedH9XV8kw==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/estree-util-value-to-estree/-/estree-util-value-to-estree-3.3.3.tgz", + "integrity": "sha512-Db+m1WSD4+mUO7UgMeKkAwdbfNWwIxLt48XF2oFU9emPfXkIu+k5/nlOj313v7wqtAPo0f9REhUvznFrPkG8CQ==", + "license": "MIT", "dependencies": { "@types/estree": "^1.0.0" }, @@ -9817,9 +9818,10 @@ } }, "node_modules/image-size": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/image-size/-/image-size-1.2.0.tgz", - "integrity": "sha512-4S8fwbO6w3GeCVN6OPtA9I5IGKkcDMPcKndtUlpJuCwu7JLjtj7JZpwqLuyY2nrmQT3AWsCJLSKPsc2mPBSl3w==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/image-size/-/image-size-1.2.1.tgz", + "integrity": "sha512-rH+46sQJ2dlwfjfhCyNx5thzrv+dtmBIhPHk0zgRUukHzZ/kRueTJXoYYsclBaKcSMBWuGbOFXtioLpzTb5euw==", + "license": "MIT", "dependencies": { "queue": "6.0.2" }, @@ -15273,9 +15275,10 @@ } }, "node_modules/react": { - "version": "19.0.0", - "resolved": "https://registry.npmjs.org/react/-/react-19.0.0.tgz", - "integrity": "sha512-V8AVnmPIICiWpGfm6GLzCR/W5FXLchHop40W4nXBmdlEceh16rCN8O8LNWm5bh5XUX91fh7KpA+W0TgMKmgTpQ==", + "version": "19.1.0", + "resolved": "https://registry.npmjs.org/react/-/react-19.1.0.tgz", + "integrity": "sha512-FS+XFBNvn3GTAWq26joslQgWNoFu08F4kl0J4CgdNKADkdSGXQyTCnKteIAJy96Br6YbpEU1LSzV5dYtjMkMDg==", + "license": "MIT", "engines": { "node": ">=0.10.0" } @@ -15399,14 +15402,15 @@ } }, "node_modules/react-dom": { - "version": "19.0.0", - "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.0.0.tgz", - "integrity": "sha512-4GV5sHFG0e/0AD4X+ySy6UJd3jVl1iNsNHdpad0qhABJ11twS3TTBnseqsKurKcsNqCEFeGL3uLpVChpIO3QfQ==", + "version": "19.1.0", + "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.1.0.tgz", + "integrity": "sha512-Xs1hdnE+DyKgeHJeJznQmYMIBG3TKIHJJT95Q58nHLSrElKlGQqDTR2HQ9fx5CN/Gk6Vh/kupBTDLU11/nDk/g==", + "license": "MIT", "dependencies": { - "scheduler": "^0.25.0" + "scheduler": "^0.26.0" }, "peerDependencies": { - "react": "^19.0.0" + "react": "^19.1.0" } }, "node_modules/react-error-overlay": { @@ -16242,9 +16246,9 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "node_modules/sass": { - "version": "1.85.1", - "resolved": "https://registry.npmjs.org/sass/-/sass-1.85.1.tgz", - "integrity": "sha512-Uk8WpxM5v+0cMR0XjX9KfRIacmSG86RH4DCCZjLU2rFh5tyutt9siAXJ7G+YfxQ99Q6wrRMbMlVl6KqUms71ag==", + "version": "1.86.3", + "resolved": "https://registry.npmjs.org/sass/-/sass-1.86.3.tgz", + "integrity": "sha512-iGtg8kus4GrsGLRDLRBRHY9dNVA78ZaS7xr01cWnS7PEMQyFtTqBiyCrfpTYTZXRWM94akzckYjh8oADfFNTzw==", "license": "MIT", "dependencies": { "chokidar": "^4.0.0", @@ -16333,9 +16337,10 @@ "integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==" }, "node_modules/scheduler": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.25.0.tgz", - "integrity": "sha512-xFVuu11jh+xcO7JOAGJNOXld8/TcEHK/4CituBUeUb5hqxJLj9YuemAEuvm9gQ/+pgXYfbQuqAkiYu+u7YEsNA==" + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.26.0.tgz", + "integrity": "sha512-NlHwttCI/l5gCPR3D1nNXtWABUmBwvZpEQiD4IXSbIDq8BzLIK/7Ir5gTFSGZDUu37K5cMNp0hFtzO38sC7gWA==", + "license": "MIT" }, "node_modules/schema-utils": { "version": "4.3.0", @@ -17548,9 +17553,9 @@ } }, "node_modules/typescript": { - "version": "5.8.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.2.tgz", - "integrity": "sha512-aJn6wq13/afZp/jT9QZmwEjDqqvSGp1VT5GVg+f/t6/oVyrgXM6BY1h9BRh/O5p3PlUPAe+WuiEZOmb/49RqoQ==", + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", @@ -17561,9 +17566,10 @@ } }, "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==" + "version": "6.21.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", + "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", + "license": "MIT" }, "node_modules/unicode-canonical-property-names-ecmascript": { "version": "2.0.0", diff --git a/documentation/package.json b/documentation/package.json index c9f3786663..74f1d81188 100644 --- a/documentation/package.json +++ b/documentation/package.json @@ -31,10 +31,10 @@ "mustache": "^4.2.0", "node-fetch": "^3.1.1", "prism-react-renderer": "^2.4.1", - "react": "^19.0.0", - "react-dom": "^19.0.0", + "react": "^19.1.0", + "react-dom": "^19.1.0", "rimraf": "^6.0.1", - "sass": "1.85" + "sass": "1.86" }, "browserslist": { "production": [ @@ -52,12 +52,12 @@ "@docusaurus/module-type-aliases": "^3.6.0", "@docusaurus/tsconfig": "^3.7.0", "@docusaurus/types": "^3.6.0", - "@types/node": "^22.13.8", - "@types/react": "^19.0.10", + "@types/node": "^22.14.0", + "@types/react": "^19.1.0", "@types/react-helmet": "^6.1.11", "@types/react-router-dom": "^5.1.8", "sass-loader": "^16.0.5", - "typescript": "^5.8.2" + "typescript": "^5.8.3" }, "engines": { "node": ">=18.0" diff --git a/scanners/gitleaks/Chart.yaml b/scanners/gitleaks/Chart.yaml index 9f40fbdbe8..ab8d7fb427 100644 --- a/scanners/gitleaks/Chart.yaml +++ b/scanners/gitleaks/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the gitleaks repository scanner that integrates wi type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v8.24.0" +appVersion: "v8.24.2" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zricethezav/gitleaks/releases/latest diff --git a/scanners/gitleaks/README.md b/scanners/gitleaks/README.md index 90ca52ee72..ad9e228548 100644 --- a/scanners/gitleaks/README.md +++ b/scanners/gitleaks/README.md @@ -3,7 +3,7 @@ title: "Gitleaks" category: "scanner" type: "Repository" state: "released" -appVersion: "v8.24.0" +appVersion: "v8.24.2" usecase: "Find potential secrets in repositories" --- diff --git a/scanners/gitleaks/docs/README.DockerHub-Parser.md b/scanners/gitleaks/docs/README.DockerHub-Parser.md index 86e440aeed..ee7d2aaa56 100644 --- a/scanners/gitleaks/docs/README.DockerHub-Parser.md +++ b/scanners/gitleaks/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v8.24.0` +- tagged releases, e.g. `v8.24.2` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/gitleaks. diff --git a/scanners/nuclei/Chart.yaml b/scanners/nuclei/Chart.yaml index 1aa4c7da4b..d3cfede612 100644 --- a/scanners/nuclei/Chart.yaml +++ b/scanners/nuclei/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the nuclei security scanner that integrates with t type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "v3.3.8" +appVersion: "v3.4.2" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/projectdiscovery/nuclei/releases/latest diff --git a/scanners/nuclei/README.md b/scanners/nuclei/README.md index b9ba1dea3d..5f550c4d7d 100644 --- a/scanners/nuclei/README.md +++ b/scanners/nuclei/README.md @@ -3,7 +3,7 @@ title: "Nuclei" category: "scanner" type: "Website" state: "released" -appVersion: "v3.3.8" +appVersion: "v3.4.2" usecase: "Nuclei is a fast, template based vulnerability scanner." --- diff --git a/scanners/nuclei/docs/README.DockerHub-Parser.md b/scanners/nuclei/docs/README.DockerHub-Parser.md index 1f8631fc62..ff5074fcde 100644 --- a/scanners/nuclei/docs/README.DockerHub-Parser.md +++ b/scanners/nuclei/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `v3.3.8` +- tagged releases, e.g. `v3.4.2` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/nuclei. diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml index c9c41af6c0..332ce22a69 100644 --- a/scanners/semgrep/Chart.yaml +++ b/scanners/semgrep/Chart.yaml @@ -22,7 +22,7 @@ version: "v3.1.0-alpha1" # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.113.0" +appVersion: "1.117.0" annotations: versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest supported-platforms: linux/amd64,linux/arm64 diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md index d41aa228f0..ee75edc706 100644 --- a/scanners/semgrep/README.md +++ b/scanners/semgrep/README.md @@ -3,7 +3,7 @@ title: "Semgrep" category: "scanner" type: "Repository" state: "released" -appVersion: "1.113.0" +appVersion: "1.117.0" usecase: "Static Code Analysis" --- diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md index f859670163..e41158acba 100644 --- a/scanners/semgrep/docs/README.DockerHub-Parser.md +++ b/scanners/semgrep/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `1.113.0` +- tagged releases, e.g. `1.117.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep. diff --git a/scanners/trivy-sbom/Chart.yaml b/scanners/trivy-sbom/Chart.yaml index 6d0417f45e..d1c559dc67 100644 --- a/scanners/trivy-sbom/Chart.yaml +++ b/scanners/trivy-sbom/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the trivy-sbom security scanner that integrates wi type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "0.60.0" +appVersion: "0.61.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest diff --git a/scanners/trivy-sbom/README.md b/scanners/trivy-sbom/README.md index 549242b03b..af6376ae29 100644 --- a/scanners/trivy-sbom/README.md +++ b/scanners/trivy-sbom/README.md @@ -3,7 +3,7 @@ title: "Trivy SBOM" category: "scanner" type: "Container" state: "released" -appVersion: "0.60.0" +appVersion: "0.61.0" usecase: "Container Dependency Scanner" --- diff --git a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md index f16b70c8ff..5b08a9e4a2 100644 --- a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md +++ b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md @@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht ## Supported Tags - `latest` (represents the latest stable release build) -- tagged releases, e.g. `0.60.0` +- tagged releases, e.g. `0.61.0` ## How to use this image This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/trivy-sbom. diff --git a/scanners/trivy/Chart.yaml b/scanners/trivy/Chart.yaml index fab473767c..c12bb7654a 100644 --- a/scanners/trivy/Chart.yaml +++ b/scanners/trivy/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the trivy security scanner that integrates with th type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "0.60.0" +appVersion: "0.61.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest diff --git a/scanners/trivy/README.md b/scanners/trivy/README.md index 9c531605cd..4a9ae9c95d 100644 --- a/scanners/trivy/README.md +++ b/scanners/trivy/README.md @@ -3,7 +3,7 @@ title: "Trivy" category: "scanner" type: "Container" state: "released" -appVersion: "0.60.0" +appVersion: "0.61.0" usecase: "Container Vulnerability Scanner" --- diff --git a/scanners/zap-advanced/Chart.yaml b/scanners/zap-advanced/Chart.yaml index 1c34585a3a..a6bcd27c88 100644 --- a/scanners/zap-advanced/Chart.yaml +++ b/scanners/zap-advanced/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the ZAP (extended with advanced authentication fea type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "2.16.0" +appVersion: "2.16.1" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zaproxy/zaproxy/releases/latest diff --git a/scanners/zap-advanced/README.md b/scanners/zap-advanced/README.md index eabade968a..97178085b6 100644 --- a/scanners/zap-advanced/README.md +++ b/scanners/zap-advanced/README.md @@ -3,7 +3,7 @@ title: "ZAP Advanced" category: "scanner" type: "WebApplication" state: "released" -appVersion: "2.16.0" +appVersion: "2.16.1" usecase: "WebApp & OpenAPI Vulnerability Scanner extend with authentication features" --- @@ -524,7 +524,7 @@ zapConfiguration: | zapContainer.envFrom | list | `[]` | Optional mount environment variables from configMaps or secrets (see: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables) | | zapContainer.extraVolumeMounts | list | `[{"mountPath":"/home/zap/.ZAP_D/scripts/scripts/authentication/","name":"zap-scripts-authentication","readOnly":true},{"mountPath":"/home/zap/.ZAP_D/scripts/scripts/session/","name":"zap-scripts-session","readOnly":true}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | zapContainer.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| zapContainer.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| zapContainer.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | zapContainer.image.tag | string | `nil` | defaults to the charts appVersion | | zapContainer.resources | object | `{}` | CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) | | zapContainer.securityContext.allowPrivilegeEscalation | bool | `false` | | diff --git a/scanners/zap-advanced/docs/README.ArtifactHub.md b/scanners/zap-advanced/docs/README.ArtifactHub.md index 57bb033607..e625ee9a78 100644 --- a/scanners/zap-advanced/docs/README.ArtifactHub.md +++ b/scanners/zap-advanced/docs/README.ArtifactHub.md @@ -529,7 +529,7 @@ zapConfiguration: | zapContainer.envFrom | list | `[]` | Optional mount environment variables from configMaps or secrets (see: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables) | | zapContainer.extraVolumeMounts | list | `[{"mountPath":"/home/zap/.ZAP_D/scripts/scripts/authentication/","name":"zap-scripts-authentication","readOnly":true},{"mountPath":"/home/zap/.ZAP_D/scripts/scripts/session/","name":"zap-scripts-session","readOnly":true}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | zapContainer.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| zapContainer.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| zapContainer.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | zapContainer.image.tag | string | `nil` | defaults to the charts appVersion | | zapContainer.resources | object | `{}` | CPU/memory resource requests/limits (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/, https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/) | | zapContainer.securityContext.allowPrivilegeEscalation | bool | `false` | | diff --git a/scanners/zap-advanced/tests/__snapshot__/scanner_test.yaml.snap b/scanners/zap-advanced/tests/__snapshot__/scanner_test.yaml.snap index 9f5770a1db..d6740a7bd7 100644 --- a/scanners/zap-advanced/tests/__snapshot__/scanner_test.yaml.snap +++ b/scanners/zap-advanced/tests/__snapshot__/scanner_test.yaml.snap @@ -148,7 +148,7 @@ matches the snapshot: - api.disablekey=true env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 imagePullPolicy: IfNotPresent name: zap-sidecar ports: diff --git a/scanners/zap-advanced/values.yaml b/scanners/zap-advanced/values.yaml index efd51d7ad9..436bce6289 100644 --- a/scanners/zap-advanced/values.yaml +++ b/scanners/zap-advanced/values.yaml @@ -133,7 +133,7 @@ scanner: zapContainer: image: # -- Container Image to run the scan - repository: softwaresecurityproject/zap-stable + repository: docker.io/zaproxy/zap-stable # -- defaults to the charts appVersion tag: null # -- Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images diff --git a/scanners/zap-automation-framework/Chart.yaml b/scanners/zap-automation-framework/Chart.yaml index 85a2c318c5..17710804d3 100644 --- a/scanners/zap-automation-framework/Chart.yaml +++ b/scanners/zap-automation-framework/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the ZAP Automation Framework that integrates with type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "2.16.0" +appVersion: "2.16.1" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zaproxy/zaproxy/releases/latest diff --git a/scanners/zap-automation-framework/README.md b/scanners/zap-automation-framework/README.md index 8eeb109cac..57b2c3b1e1 100644 --- a/scanners/zap-automation-framework/README.md +++ b/scanners/zap-automation-framework/README.md @@ -3,7 +3,7 @@ title: "ZAP Automation Framework" category: "scanner" type: "WebApplication" state: "released" -appVersion: "2.16.0" +appVersion: "2.16.1" usecase: "WebApp & OpenAPI Vulnerability Scanner" --- @@ -495,7 +495,7 @@ Alternatively, have a look at the [official documentation](https://www.zaproxy.o | scanner.extraVolumeMounts | list | `[{"mountPath":"/zap/wrk","name":"zap-workdir"},{"mountPath":"/zap/zap-entrypoint.bash","name":"zap-automation-framework-entrypoint","readOnly":true,"subPath":"zap-entrypoint.bash"}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[{"emptyDir":{},"name":"zap-workdir"},{"configMap":{"name":"zap-automation-framework-entrypoint"},"name":"zap-automation-framework-entrypoint"}]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| scanner.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| scanner.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | scanner.image.tag | string | `nil` | defaults to the charts appVersion | | scanner.nameAppend | string | `nil` | append a string to the default scantype name. | | scanner.nodeSelector | object | `{}` | Optional nodeSelector settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/) | diff --git a/scanners/zap-automation-framework/docs/README.ArtifactHub.md b/scanners/zap-automation-framework/docs/README.ArtifactHub.md index 67e910eb80..e964060322 100644 --- a/scanners/zap-automation-framework/docs/README.ArtifactHub.md +++ b/scanners/zap-automation-framework/docs/README.ArtifactHub.md @@ -500,7 +500,7 @@ Alternatively, have a look at the [official documentation](https://www.zaproxy.o | scanner.extraVolumeMounts | list | `[{"mountPath":"/zap/wrk","name":"zap-workdir"},{"mountPath":"/zap/zap-entrypoint.bash","name":"zap-automation-framework-entrypoint","readOnly":true,"subPath":"zap-entrypoint.bash"}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[{"emptyDir":{},"name":"zap-workdir"},{"configMap":{"name":"zap-automation-framework-entrypoint"},"name":"zap-automation-framework-entrypoint"}]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| scanner.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| scanner.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | scanner.image.tag | string | `nil` | defaults to the charts appVersion | | scanner.nameAppend | string | `nil` | append a string to the default scantype name. | | scanner.nodeSelector | object | `{}` | Optional nodeSelector settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/) | diff --git a/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/findings.yaml b/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/findings.yaml index f9d8a2c110..ffb3be61d7 100644 --- a/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/findings.yaml +++ b/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/findings.yaml @@ -3,280 +3,166 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: \"Content-Security-Policy\" for Chrome 25+, Firefox 23+ and Safari 7+, \"X-Content-Security-Policy\" for Firefox 4.0+ and Internet Explorer 10+, and \"X-WebKit-CSP\" for Chrome 14+ and Safari 6+.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttp://www.w3.org/TR/CSP/http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlhttp://www.html5rocks.com/en/tutorials/security/content-security-policy/http://caniuse.com/#feat=contentsecuritypolicyhttp://content-security-policy.com/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - } - ] + { + "name": "Content Security Policy (CSP) Header Not Set", + "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", + "hint": null, + "category": "Content Security Policy (CSP) Header Not Set", + "location": "http://nginx.demo-targets.svc", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" + }, + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" + }, + { + "type": "URL", + "value": "https://www.w3.org/TR/CSP/" + }, + { + "type": "URL", + "value": "https://w3c.github.io/webappsec-csp/" + }, + { + "type": "URL", + "value": "https://web.dev/articles/csp" + }, + { + "type": "URL", + "value": "https://caniuse.com/#feat=contentsecuritypolicy" + }, + { + "type": "URL", + "value": "https://content-security-policy.com/" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "attributes": { + "hostname": "nginx.demo-targets.svc", + "port": "80", + "zap_confidence": "3", + "zap_count": "3", + "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10038", + "zap_finding_urls": [ + { + "uri": "http://nginx.demo-targets.svc", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" }, - "id": "4edbf082-8bc0-4b7f-a2f0-11d5b9645614", - "parsed_at": "2022-08-17T09:36:16.205Z" - }, - { - "name": "Missing Anti-clickjacking Header", - "description": "The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.", - "category": "Missing Anti-clickjacking Header", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "zap_cweid": "1021", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10020", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "X-Frame-Options", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "X-Frame-Options", - "attack": "", - "evidence": "" - } - ] - }, - "id": "00bc3504-6425-4c02-a221-8b816cb0e075", - "parsed_at": "2022-08-17T09:36:16.206Z" - }, - { - "name": "In Page Banner Information Leak", - "description": "The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.", - "category": "In Page Banner Information Leak", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "2", - "zap_solution": "Configure the server to prevent such information leaks. For example:Under Tomcat this is done via the \"server\" directive and implementation of custom error pages.Under Apache this is done via the \"ServerSignature\" and \"ServerTokens\" directives.", - "zap_otherinfo": "There is a chance that the highlight in the finding is on a value in the headers, versus the actual matched string in the response body.", - "zap_reference": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10009", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - } - ] + { + "uri": "http://nginx.demo-targets.svc/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" }, - "id": "1b771582-a675-4126-84cd-a846d2313deb", - "parsed_at": "2022-08-17T09:36:16.206Z" + { + "uri": "http://nginx.demo-targets.svc/robots.txt", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Permissions Policy Header Not Set", - "description": "Permissions Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Permissions Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.", - "category": "Permissions Policy Header Not Set", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policyhttps://developers.google.com/web/updates/2018/06/feature-policyhttps://scotthelme.co.uk/a-new-security-header-feature-policy/https://w3c.github.io/webappsec-feature-policy/https://www.smashingmagazine.com/2018/12/feature-policy/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10063", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - } - ] - }, - "id": "b73ae5d5-a4e7-42ce-a66f-5ed23c44e5f5", - "parsed_at": "2022-08-17T09:36:16.206Z" - }, - { - "name": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "description": "The web/application server is leaking version information via the \"Server\" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.", - "category": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to suppress the \"Server\" header or provide generic details.", - "zap_otherinfo": null, - "zap_reference": "http://httpd.apache.org/docs/current/mod/core.html#servertokenshttp://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspxhttp://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10036", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - } - ] + "id": "dabac27c-eec3-4e65-9f5d-9184b81b3818", + "parsed_at": "2025-04-03T16:54:22.242Z", + "scan": { + "created_at": "2025-04-03T16:52:35Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "X-Content-Type-Options Header Missing", + "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", + "hint": null, + "category": "X-Content-Type-Options Header Missing", + "location": "http://nginx.demo-targets.svc", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)" + }, + { + "type": "URL", + "value": "https://owasp.org/www-community/Security_Headers" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "attributes": { + "hostname": "nginx.demo-targets.svc", + "port": "80", + "zap_confidence": "2", + "zap_count": "2", + "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", + "zap_reference": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)https://owasp.org/www-community/Security_Headers", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10021", + "zap_finding_urls": [ + { + "uri": "http://nginx.demo-targets.svc", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." }, - "id": "7fe25ab8-f8f1-4692-8bde-d25ba72c065e", - "parsed_at": "2022-08-17T09:36:16.206Z" + { + "uri": "http://nginx.demo-targets.svc/", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + } + ] }, - { - "name": "X-Content-Type-Options Header Missing", - "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", - "category": "X-Content-Type-Options Header Missing", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", - "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspxhttps://owasp.org/www-community/Security_Headers", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10021", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "X-Content-Type-Options", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "X-Content-Type-Options", - "attack": "", - "evidence": "" - } - ] - }, - "id": "d6c3d54d-23a6-4217-89aa-4c43512316e3", - "parsed_at": "2022-08-17T09:36:16.206Z" + "id": "e161f9bc-260d-48ad-9d1a-4741f5fc4b5b", + "parsed_at": "2025-04-03T16:54:22.242Z", + "scan": { + "created_at": "2025-04-03T16:52:35Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" } -] \ No newline at end of file + } +] diff --git a/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/zap-results.json b/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/zap-results.json index 88194fb632..3e996350db 100644 --- a/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/zap-results.json +++ b/scanners/zap-automation-framework/examples/demo-nginx-automation-scan/zap-results.json @@ -1,278 +1,164 @@ [ - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: \"Content-Security-Policy\" for Chrome 25+, Firefox 23+ and Safari 7+, \"X-Content-Security-Policy\" for Firefox 4.0+ and Internet Explorer 10+, and \"X-WebKit-CSP\" for Chrome 14+ and Safari 6+.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttp://www.w3.org/TR/CSP/http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlhttp://www.html5rocks.com/en/tutorials/security/content-security-policy/http://caniuse.com/#feat=contentsecuritypolicyhttp://content-security-policy.com/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - } - ] + { + "name": "Content Security Policy (CSP) Header Not Set", + "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", + "hint": null, + "category": "Content Security Policy (CSP) Header Not Set", + "location": "http://nginx.demo-targets.svc", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" + }, + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" + }, + { + "type": "URL", + "value": "https://www.w3.org/TR/CSP/" + }, + { + "type": "URL", + "value": "https://w3c.github.io/webappsec-csp/" + }, + { + "type": "URL", + "value": "https://web.dev/articles/csp" + }, + { + "type": "URL", + "value": "https://caniuse.com/#feat=contentsecuritypolicy" + }, + { + "type": "URL", + "value": "https://content-security-policy.com/" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "attributes": { + "hostname": "nginx.demo-targets.svc", + "port": "80", + "zap_confidence": "3", + "zap_count": "3", + "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10038", + "zap_finding_urls": [ + { + "uri": "http://nginx.demo-targets.svc", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" }, - "id": "4edbf082-8bc0-4b7f-a2f0-11d5b9645614", - "parsed_at": "2022-08-17T09:36:16.205Z" - }, - { - "name": "Missing Anti-clickjacking Header", - "description": "The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.", - "category": "Missing Anti-clickjacking Header", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "zap_cweid": "1021", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10020", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "X-Frame-Options", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "X-Frame-Options", - "attack": "", - "evidence": "" - } - ] - }, - "id": "00bc3504-6425-4c02-a221-8b816cb0e075", - "parsed_at": "2022-08-17T09:36:16.206Z" - }, - { - "name": "In Page Banner Information Leak", - "description": "The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.", - "category": "In Page Banner Information Leak", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "2", - "zap_solution": "Configure the server to prevent such information leaks. For example:Under Tomcat this is done via the \"server\" directive and implementation of custom error pages.Under Apache this is done via the \"ServerSignature\" and \"ServerTokens\" directives.", - "zap_otherinfo": "There is a chance that the highlight in the finding is on a value in the headers, versus the actual matched string in the response body.", - "zap_reference": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10009", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - } - ] + { + "uri": "http://nginx.demo-targets.svc/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" }, - "id": "1b771582-a675-4126-84cd-a846d2313deb", - "parsed_at": "2022-08-17T09:36:16.206Z" + { + "uri": "http://nginx.demo-targets.svc/robots.txt", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Permissions Policy Header Not Set", - "description": "Permissions Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Permissions Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.", - "category": "Permissions Policy Header Not Set", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policyhttps://developers.google.com/web/updates/2018/06/feature-policyhttps://scotthelme.co.uk/a-new-security-header-feature-policy/https://w3c.github.io/webappsec-feature-policy/https://www.smashingmagazine.com/2018/12/feature-policy/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10063", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "" - } - ] - }, - "id": "b73ae5d5-a4e7-42ce-a66f-5ed23c44e5f5", - "parsed_at": "2022-08-17T09:36:16.206Z" - }, - { - "name": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "description": "The web/application server is leaking version information via the \"Server\" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.", - "category": "Server Leaks Version Information via \"Server\" HTTP Response Header Field", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "3", - "zap_count": "4", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to suppress the \"Server\" header or provide generic details.", - "zap_otherinfo": null, - "zap_reference": "http://httpd.apache.org/docs/current/mod/core.html#servertokenshttp://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspxhttp://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10036", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - }, - { - "uri": "http://nginx.demo-targets.svc/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "nginx/1.23.0" - } - ] + "id": "dabac27c-eec3-4e65-9f5d-9184b81b3818", + "parsed_at": "2025-04-03T16:54:22.242Z", + "scan": { + "created_at": "2025-04-03T16:52:35Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "X-Content-Type-Options Header Missing", + "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", + "hint": null, + "category": "X-Content-Type-Options Header Missing", + "location": "http://nginx.demo-targets.svc", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)" + }, + { + "type": "URL", + "value": "https://owasp.org/www-community/Security_Headers" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "attributes": { + "hostname": "nginx.demo-targets.svc", + "port": "80", + "zap_confidence": "2", + "zap_count": "2", + "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", + "zap_reference": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)https://owasp.org/www-community/Security_Headers", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10021", + "zap_finding_urls": [ + { + "uri": "http://nginx.demo-targets.svc", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." }, - "id": "7fe25ab8-f8f1-4692-8bde-d25ba72c065e", - "parsed_at": "2022-08-17T09:36:16.206Z" + { + "uri": "http://nginx.demo-targets.svc/", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + } + ] }, - { - "name": "X-Content-Type-Options Header Missing", - "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", - "category": "X-Content-Type-Options Header Missing", - "location": "http://nginx.demo-targets.svc", - "osi_layer": "APPLICATION", - "severity": "LOW", - "attributes": { - "host": "nginx.demo-targets.svc", - "port": "80", - "zap_confidence": "2", - "zap_count": "2", - "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", - "zap_reference": "http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspxhttps://owasp.org/www-community/Security_Headers", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10021", - "zap_finding_urls": [ - { - "uri": "http://nginx.demo-targets.svc", - "method": "GET", - "param": "X-Content-Type-Options", - "attack": "", - "evidence": "" - }, - { - "uri": "http://nginx.demo-targets.svc/", - "method": "GET", - "param": "X-Content-Type-Options", - "attack": "", - "evidence": "" - } - ] - }, - "id": "d6c3d54d-23a6-4217-89aa-4c43512316e3", - "parsed_at": "2022-08-17T09:36:16.206Z" + "id": "e161f9bc-260d-48ad-9d1a-4741f5fc4b5b", + "parsed_at": "2025-04-03T16:54:22.242Z", + "scan": { + "created_at": "2025-04-03T16:52:35Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" } -] \ No newline at end of file + } +] diff --git a/scanners/zap-automation-framework/examples/demo-zap-advanced-scan/findings.yaml b/scanners/zap-automation-framework/examples/demo-zap-advanced-scan/findings.yaml index 7412b57937..7f243e4ebc 100644 --- a/scanners/zap-automation-framework/examples/demo-zap-advanced-scan/findings.yaml +++ b/scanners/zap-automation-framework/examples/demo-zap-advanced-scan/findings.yaml @@ -3,2077 +3,2200 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "Cross Site Scripting (DOM Based)", - "description": "Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.", - "hint": null, - "category": "Cross Site Scripting (DOM Based)", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "HIGH", - "references": [ - { - "type": "URL", - "value": "https://owasp.org/www-community/attacks/xss/" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/79.html" - }, - { - "type": "CWE", - "value": "CWE-79" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/79.html" - } - ], - "mitigation": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "3", - "zap_count": "1", - "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", - "zap_otherinfo": "Tag name: input Att name: Att id: ", - "zap_reference": "https://owasp.org/www-community/attacks/xss/https://cwe.mitre.org/data/definitions/79.html", - "zap_cweid": "79", - "zap_wascid": "8", - "zap_riskcode": "3", - "zap_pluginid": "40026", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp#jaVasCript:/*-/*`/*\\`/*'/*\"/**/(/* */oNcliCk=alert(5397) )//%0D%0A%0d%0a//\\x3csVg/\\x3e", - "method": "GET", - "param": "", - "attack": "#jaVasCript:/*-/*`/*\\`/*'/*\"/**/(/* */oNcliCk=alert(5397) )//%0D%0A%0d%0a//\\x3csVg/\\x3e", - "evidence": "", - "otherinfo": "Tag name: input Att name: Att id: " - } - ] - }, - "id": "a5353427-2555-47a7-8289-f1f6b73aa42c", - "parsed_at": "2024-04-09T09:05:27.822Z" + { + "name": "Cross Site Scripting (Reflected)", + "description": "Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.", + "hint": null, + "category": "Cross Site Scripting (Reflected)", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "HIGH", + "references": [ + { + "type": "URL", + "value": "https://owasp.org/www-community/attacks/xss/" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/79.html" + }, + { + "type": "CWE", + "value": "CWE-79" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/79.html" + } + ], + "mitigation": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "1", + "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", + "zap_otherinfo": null, + "zap_reference": "https://owasp.org/www-community/attacks/xss/https://cwe.mitre.org/data/definitions/79.html", + "zap_cweid": "79", + "zap_wascid": "8", + "zap_riskcode": "3", + "zap_pluginid": "40012", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=%3C%2Ffont%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cfont%3E", + "method": "GET", + "param": "q", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Cross Site Scripting (Reflected)", - "description": "Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.", - "hint": null, - "category": "Cross Site Scripting (Reflected)", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "HIGH", - "references": [ - { - "type": "URL", - "value": "https://owasp.org/www-community/attacks/xss/" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/79.html" - }, - { - "type": "CWE", - "value": "CWE-79" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/79.html" - } - ], - "mitigation": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.Phases: Implementation; Architecture and DesignUnderstand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.Phase: Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.Phase: ImplementationFor every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.Assume all input is malicious. Use an \"accept known good\" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, \"boat\" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as \"red\" or \"blue.\"Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.\t", - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/www-community/attacks/xss/https://cwe.mitre.org/data/definitions/79.html", - "zap_cweid": "79", - "zap_wascid": "8", - "zap_riskcode": "3", - "zap_pluginid": "40012", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=%3C%2Ffont%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cfont%3E", - "method": "GET", - "param": "q", - "attack": "", - "evidence": "", - "otherinfo": "" - } - ] - }, - "id": "8fe6663f-1c26-49dd-bffc-84dae0b83edd", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "6219b5ec-1fdc-48bd-89da-e101ef11e9d7", + "parsed_at": "2025-04-03T17:20:39.358Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "SQL Injection", + "description": "SQL injection may be possible.", + "hint": null, + "category": "SQL Injection", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "HIGH", + "references": [ + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html" + }, + { + "type": "CWE", + "value": "CWE-89" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/89.html" + } + ], + "mitigation": "Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "3", + "zap_solution": "Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.", + "zap_otherinfo": "The page results were successfully manipulated using the boolean conditions [3.3 AND 1=1 -- ] and [3.3 AND 1=2 -- ]The parameter value being modified was stripped from the HTML output for the purposes of the comparison.Data was returned for the original parameter.The vulnerability was detected by successfully restricting the data originally returned, by manipulating the parameter.", + "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html", + "zap_cweid": "89", + "zap_wascid": "19", + "zap_riskcode": "3", + "zap_pluginid": "40018", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "price", + "attack": "3.3 AND 1=1 -- ", + "evidence": "", + "otherinfo": "The page results were successfully manipulated using the boolean conditions [3.3 AND 1=1 -- ] and [3.3 AND 1=2 -- ]\nThe parameter value being modified was stripped from the HTML output for the purposes of the comparison.\nData was returned for the original parameter.\nThe vulnerability was detected by successfully restricting the data originally returned, by manipulating the parameter." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "productid", + "attack": "12/2", + "evidence": "", + "otherinfo": "The original page results were successfully replicated using the expression [12/2] as the parameter value\nThe parameter value being modified was stripped from the HTML output for the purposes of the comparison." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "update", + "attack": "Update Basket AND 1=1 -- ", + "evidence": "", + "otherinfo": "The page results were successfully manipulated using the boolean conditions [Update Basket AND 1=1 -- ] and [Update Basket AND 1=2 -- ]\nThe parameter value being modified was NOT stripped from the HTML output for the purposes of the comparison.\nData was returned for the original parameter.\nThe vulnerability was detected by successfully restricting the data originally returned, by manipulating the parameter." + } + ] }, - { - "name": "SQL Injection", - "description": "SQL injection may be possible.", - "hint": null, - "category": "SQL Injection", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "HIGH", - "references": [ - { - "type": "URL", - "value": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html" - }, - { - "type": "CWE", - "value": "CWE-89" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/89.html" - } - ], - "mitigation": "Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Do not trust client side input, even if there is client side validation in place.In general, type check all data on the server side.If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.If database Stored Procedures can be used, use them.Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!Do not create dynamic SQL queries using simple string concatenation.Escape all data received from the client.Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.Apply the principle of least privilege by using the least privileged database user possible.In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.Grant the minimum database access that is necessary for the application.", - "zap_otherinfo": "The original page results were successfully replicated using the expression [19-2] as the parameter valueThe parameter value being modified was stripped from the HTML output for the purposes of the comparison", - "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html", - "zap_cweid": "89", - "zap_wascid": "19", - "zap_riskcode": "3", - "zap_pluginid": "40018", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "productid", - "attack": "19-2", - "evidence": "", - "otherinfo": "The original page results were successfully replicated using the expression [19-2] as the parameter value\nThe parameter value being modified was stripped from the HTML output for the purposes of the comparison" - } - ] - }, - "id": "c4c509d7-f067-49c8-90fb-8dacb75dde22", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "995e70c7-51e2-48ec-aa4d-a40f8a6d1213", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Absence of Anti-CSRF Tokens", + "description": "No Anti-CSRF tokens were found in a HTML submission form.A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site.CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.", + "hint": null, + "category": "Absence of Anti-CSRF Tokens", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/352.html" + }, + { + "type": "CWE", + "value": "CWE-352" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/352.html" + } + ], + "mitigation": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "1", + "zap_count": "53", + "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", + "zap_otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"desc\" \"price\" \"product\" \"type\" ].", + "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.htmlhttps://cwe.mitre.org/data/definitions/352.html", + "zap_cweid": "352", + "zap_wascid": "9", + "zap_riskcode": "2", + "zap_pluginid": "10202", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"desc\" \"price\" \"product\" \"type\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 2: \"q\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_32\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"password\" \"submit\" \"username\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=7", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=8", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"password1\" \"password2\" \"submit\" \"username\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_14\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_15\" \"quantity_17\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_17\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_2\" \"quantity_8\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_23\" \"quantity_28\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_25\" \"quantity_30\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_25\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_27\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_3\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_32\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_4\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_5\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_6\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_7\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"quantity_9\" \"update\" ]." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "
", + "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token, _csrfToken] was found in the following HTML form: [Form 1: \"password\" \"submit\" \"username\" ]." + } + ] }, - { - "name": "Absence of Anti-CSRF Tokens", - "description": "No Anti-CSRF tokens were found in a HTML submission form.A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site.CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.", - "hint": null, - "category": "Absence of Anti-CSRF Tokens", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "references": [ - { - "type": "URL", - "value": "https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/352.html" - }, - { - "type": "CWE", - "value": "CWE-352" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/352.html" - } - ], - "mitigation": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "1", - "zap_count": "47", - "zap_solution": "Phase: Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.For example, use anti-CSRF packages such as the OWASP CSRFGuard.Phase: ImplementationEnsure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.Phase: Architecture and DesignGenerate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).Note that this can be bypassed using XSS.Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.Note that this can be bypassed using XSS.Use the ESAPI Session Management control.This control includes a component for CSRF.Do not use the GET method for any request that triggers a state change.Phase: ImplementationCheck the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.", - "zap_otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"desc\" \"price\" \"product\" \"type\" ].", - "zap_reference": "https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.htmlhttps://cwe.mitre.org/data/definitions/352.html", - "zap_cweid": "352", - "zap_wascid": "9", - "zap_riskcode": "2", - "zap_pluginid": "10202", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"desc\" \"price\" \"product\" \"type\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 2: \"q\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"password\" \"submit\" \"username\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"price\" \"productid\" \"quantity\" \"submit\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"password1\" \"password2\" \"submit\" \"username\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"q\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_14\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_16\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_17\" \"quantity_26\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_18\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_21\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_22\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_26\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_32\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"quantity_5\" \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"update\" ]." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "
", - "otherinfo": "No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: \"password\" \"submit\" \"username\" ]." - } - ] - }, - "id": "6be50f6c-d4d3-4587-a5fd-168ce230383d", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "9dc88864-cf0f-4c7d-a98b-0fbc4dde7aa5", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Content Security Policy (CSP) Header Not Set", + "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", + "hint": null, + "category": "Content Security Policy (CSP) Header Not Set", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" + }, + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" + }, + { + "type": "URL", + "value": "https://www.w3.org/TR/CSP/" + }, + { + "type": "URL", + "value": "https://w3c.github.io/webappsec-csp/" + }, + { + "type": "URL", + "value": "https://web.dev/articles/csp" + }, + { + "type": "URL", + "value": "https://caniuse.com/#feat=contentsecuritypolicy" + }, + { + "type": "URL", + "value": "https://content-security-policy.com/" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "3", + "zap_count": "54", + "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10038", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=7", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=8", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "POST", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "hint": null, - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "references": [ - { - "type": "URL", - "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" - }, - { - "type": "URL", - "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" - }, - { - "type": "URL", - "value": "https://www.w3.org/TR/CSP/" - }, - { - "type": "URL", - "value": "https://w3c.github.io/webappsec-csp/" - }, - { - "type": "URL", - "value": "https://web.dev/articles/csp" - }, - { - "type": "URL", - "value": "https://caniuse.com/#feat=contentsecuritypolicy" - }, - { - "type": "URL", - "value": "https://content-security-policy.com/" - }, - { - "type": "CWE", - "value": "CWE-693" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/693.html" - } - ], - "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "3", - "zap_count": "52", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "POST", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - } - ] - }, - "id": "ff421a04-981b-4259-a2a9-a403fd4dbb13", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "e380a129-5b71-45e8-b5e3-3f0e5d0b3ca6", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Missing Anti-clickjacking Header", + "description": "The response does not protect against 'ClickJacking' attacks. It should include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options.", + "hint": null, + "category": "Missing Anti-clickjacking Header", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options" + }, + { + "type": "CWE", + "value": "CWE-1021" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/1021.html" + } + ], + "mitigation": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "54", + "zap_solution": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", + "zap_cweid": "1021", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10020", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=7", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=8", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", + "method": "GET", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "POST", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "POST", + "param": "x-frame-options", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Missing Anti-clickjacking Header", - "description": "The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.", - "hint": null, - "category": "Missing Anti-clickjacking Header", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "references": [ - { - "type": "URL", - "value": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options" - }, - { - "type": "CWE", - "value": "CWE-1021" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/1021.html" - } - ], - "mitigation": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "52", - "zap_solution": "Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's \"frame-ancestors\" directive.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options", - "zap_cweid": "1021", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10020", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", - "method": "GET", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "POST", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "POST", - "param": "x-frame-options", - "attack": "", - "evidence": "", - "otherinfo": "" - } - ] - }, - "id": "ac518fcd-fe66-4a2d-ab86-1006f5d93683", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "93e48b4e-45e4-4c10-8f54-61f0e94cd6fd", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Cookie No HttpOnly Flag", + "description": "A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.", + "hint": null, + "category": "Cookie No HttpOnly Flag", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://owasp.org/www-community/HttpOnly" + }, + { + "type": "CWE", + "value": "CWE-1004" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/1004.html" + } + ], + "mitigation": "Ensure that the HttpOnly flag is set for all cookies.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "1", + "zap_solution": "Ensure that the HttpOnly flag is set for all cookies.", + "zap_otherinfo": null, + "zap_reference": "https://owasp.org/www-community/HttpOnly", + "zap_cweid": "1004", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10010", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "b_id", + "attack": "", + "evidence": "Set-Cookie: b_id", + "otherinfo": "" + } + ] }, - { - "name": "Cookie No HttpOnly Flag", - "description": "A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.", - "hint": null, - "category": "Cookie No HttpOnly Flag", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "references": [ - { - "type": "URL", - "value": "https://owasp.org/www-community/HttpOnly" - }, - { - "type": "CWE", - "value": "CWE-1004" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/1004.html" - } - ], - "mitigation": "Ensure that the HttpOnly flag is set for all cookies.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Ensure that the HttpOnly flag is set for all cookies.", - "zap_otherinfo": null, - "zap_reference": "https://owasp.org/www-community/HttpOnly", - "zap_cweid": "1004", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10010", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "b_id", - "attack": "", - "evidence": "Set-Cookie: b_id", - "otherinfo": "" - } - ] - }, - "id": "a0340540-a3c9-4bb6-9f5d-c3559dc1b51e", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "438758d0-e6ad-4ed5-94c8-68ad8fbebdc0", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Cookie without SameSite Attribute", + "description": "A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.", + "hint": null, + "category": "Cookie without SameSite Attribute", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site" + }, + { + "type": "CWE", + "value": "CWE-1275" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/1275.html" + } + ], + "mitigation": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "3", + "zap_solution": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", + "zap_otherinfo": null, + "zap_reference": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site", + "zap_cweid": "1275", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10054", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "GET", + "param": "JSESSIONID", + "attack": "", + "evidence": "Set-Cookie: JSESSIONID", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "b_id", + "attack": "", + "evidence": "Set-Cookie: b_id", + "otherinfo": "" + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "JSESSIONID", + "attack": "", + "evidence": "Set-Cookie: JSESSIONID", + "otherinfo": "" + } + ] }, - { - "name": "Cookie without SameSite Attribute", - "description": "A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.", - "hint": null, - "category": "Cookie without SameSite Attribute", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "references": [ - { - "type": "URL", - "value": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site" - }, - { - "type": "CWE", - "value": "CWE-1275" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/1275.html" - } - ], - "mitigation": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "1", - "zap_solution": "Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.", - "zap_otherinfo": null, - "zap_reference": "https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site", - "zap_cweid": "1275", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10054", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "b_id", - "attack": "", - "evidence": "Set-Cookie: b_id", - "otherinfo": "" - } - ] - }, - "id": "003678f7-1e8b-46c6-b229-12a13f66896c", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "825a727b-5ac3-4a1b-a41a-3ee4a765aae1", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "X-Content-Type-Options Header Missing", + "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", + "hint": null, + "category": "X-Content-Type-Options Header Missing", + "location": "http://bodgeit.default.svc:8080", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)" + }, + { + "type": "URL", + "value": "https://owasp.org/www-community/Security_Headers" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "attributes": { + "hostname": "bodgeit.default.svc", + "port": "8080", + "zap_confidence": "2", + "zap_count": "54", + "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", + "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", + "zap_reference": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)https://owasp.org/www-community/Security_Headers", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10021", + "zap_finding_urls": [ + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=7", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=8", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", + "method": "GET", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", + "method": "POST", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", + "method": "POST", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + }, + { + "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", + "method": "POST", + "param": "x-content-type-options", + "attack": "", + "evidence": "", + "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." + } + ] }, - { - "name": "X-Content-Type-Options Header Missing", - "description": "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.", - "hint": null, - "category": "X-Content-Type-Options Header Missing", - "location": "http://bodgeit.default.svc:8080", - "osi_layer": "APPLICATION", - "severity": "LOW", - "references": [ - { - "type": "URL", - "value": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)" - }, - { - "type": "URL", - "value": "https://owasp.org/www-community/Security_Headers" - }, - { - "type": "CWE", - "value": "CWE-693" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/693.html" - } - ], - "mitigation": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "attributes": { - "hostname": "bodgeit.default.svc", - "port": "8080", - "zap_confidence": "2", - "zap_count": "52", - "zap_solution": "Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.", - "zap_otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.At \"High\" threshold this scan rule will not alert on client or server error responses.", - "zap_reference": "https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)https://owasp.org/www-community/Security_Headers", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10021", - "zap_finding_urls": [ - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/about.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/admin.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/advanced.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/home.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=1", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=10", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=11", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=12", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=13", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=14", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=15", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=16", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=17", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=18", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=19", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=2", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=20", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=21", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=22", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=23", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=24", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=25", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=26", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=27", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=28", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=29", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=3", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=30", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=31", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=32", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=4", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=5", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=6", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?prodid=9", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=1", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=2", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=3", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=4", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=5", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=6", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/product.jsp?typeid=7", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/register.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/score.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/search.jsp?q=ZAP", - "method": "GET", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/basket.jsp", - "method": "POST", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/contact.jsp", - "method": "POST", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - }, - { - "uri": "http://bodgeit.default.svc:8080/bodgeit/login.jsp", - "method": "POST", - "param": "x-content-type-options", - "attack": "", - "evidence": "", - "otherinfo": "This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\nAt \"High\" threshold this scan rule will not alert on client or server error responses." - } - ] - }, - "id": "574c122f-e957-4ea4-9d0b-cdec01441ef0", - "parsed_at": "2024-04-09T09:05:27.822Z" + "id": "e5608233-037b-4274-b160-4a906837f319", + "parsed_at": "2025-04-03T17:20:39.359Z", + "scan": { + "created_at": "2025-04-03T17:10:14Z", + "name": "zap-automation-framework-juice-shop-advanced", + "namespace": "default", + "scan_type": "zap-automation-framework" } -] \ No newline at end of file + } +] diff --git a/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/findings.yaml b/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/findings.yaml index f98f01f94c..05cab9e98c 100644 --- a/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/findings.yaml +++ b/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/findings.yaml @@ -3,2396 +3,2412 @@ # SPDX-License-Identifier: Apache-2.0 [ - { - "name": "Content Security Policy (CSP) Header Not Set", - "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", - "hint": null, - "category": "Content Security Policy (CSP) Header Not Set", - "location": "http://juiceshop.demo-targets.svc:3000", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "references": [ - { - "type": "URL", - "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" - }, - { - "type": "URL", - "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" - }, - { - "type": "URL", - "value": "https://www.w3.org/TR/CSP/" - }, - { - "type": "URL", - "value": "https://w3c.github.io/webappsec-csp/" - }, - { - "type": "URL", - "value": "https://web.dev/articles/csp" - }, - { - "type": "URL", - "value": "https://caniuse.com/#feat=contentsecuritypolicy" - }, - { - "type": "URL", - "value": "https://content-security-policy.com/" - }, - { - "type": "CWE", - "value": "CWE-693" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/693.html" - } - ], - "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", - "attributes": { - "hostname": "juiceshop.demo-targets.svc", - "port": "3000", - "zap_confidence": "3", - "zap_count": "69", - "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", - "zap_otherinfo": null, - "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", - "zap_cweid": "693", - "zap_wascid": "15", - "zap_riskcode": "2", - "zap_pluginid": "10038", - "zap_finding_urls": [ - { - "uri": "http://juiceshop.demo-targets.svc:3000/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/coupons_2013.md.bak", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/eastere.gg", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/encrypt.pyc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/package.json.bak", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/suspicious_errors.yml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "", - "otherinfo": "" - } - ] - }, - "id": "5cb2088f-108e-4f8d-b3f3-0246c3fde9e1", - "parsed_at": "2024-04-09T09:50:10.750Z" + { + "name": "Content Security Policy (CSP) Header Not Set", + "description": "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", + "hint": null, + "category": "Content Security Policy (CSP) Header Not Set", + "location": "http://juice-shop.demo-targets.svc:3000", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy" + }, + { + "type": "URL", + "value": "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html" + }, + { + "type": "URL", + "value": "https://www.w3.org/TR/CSP/" + }, + { + "type": "URL", + "value": "https://w3c.github.io/webappsec-csp/" + }, + { + "type": "URL", + "value": "https://web.dev/articles/csp" + }, + { + "type": "URL", + "value": "https://caniuse.com/#feat=contentsecuritypolicy" + }, + { + "type": "URL", + "value": "https://content-security-policy.com/" + }, + { + "type": "CWE", + "value": "CWE-693" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/693.html" + } + ], + "mitigation": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "attributes": { + "hostname": "juice-shop.demo-targets.svc", + "port": "3000", + "zap_confidence": "3", + "zap_count": "69", + "zap_solution": "Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.", + "zap_otherinfo": null, + "zap_reference": "https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policyhttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlhttps://www.w3.org/TR/CSP/https://w3c.github.io/webappsec-csp/https://web.dev/articles/csphttps://caniuse.com/#feat=contentsecuritypolicyhttps://content-security-policy.com/", + "zap_cweid": "693", + "zap_wascid": "15", + "zap_riskcode": "2", + "zap_pluginid": "10038", + "zap_finding_urls": [ + { + "uri": "http://juice-shop.demo-targets.svc:3000/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/coupons_2013.md.bak", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/eastere.gg", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/encrypt.pyc", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/package.json.bak", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/suspicious_errors.yml", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/sitemap.xml", + "method": "GET", + "param": "", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] }, - { - "name": "Cross-Domain Misconfiguration", - "description": "Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server", - "hint": null, - "category": "Cross-Domain Misconfiguration", - "location": "http://juiceshop.demo-targets.svc:3000", - "osi_layer": "APPLICATION", - "severity": "MEDIUM", - "references": [ - { - "type": "URL", - "value": "https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy" - }, - { - "type": "CWE", - "value": "CWE-264" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/264.html" - } - ], - "mitigation": "Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.", - "attributes": { - "hostname": "juiceshop.demo-targets.svc", - "port": "3000", - "zap_confidence": "2", - "zap_count": "84", - "zap_solution": "Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.", - "zap_otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.", - "zap_reference": "https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy", - "zap_cweid": "264", - "zap_wascid": "14", - "zap_riskcode": "2", - "zap_pluginid": "10098", - "zap_finding_urls": [ - { - "uri": "http://juiceshop.demo-targets.svc:3000/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/acquisitions.md", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/announcement_encrypted.md", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/coupons_2013.md.bak", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/eastere.gg", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/encrypt.pyc", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/incident-support.kdbx", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/legal.md", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/package.json.bak", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_linux_amd_64.url", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_linux_arm_64.url", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_macos_64.url", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_windows_64.exe.url", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/ftp/suspicious_errors.yml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/polyfills.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/robots.txt", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/runtime.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/sitemap.xml", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/styles.css", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/vendor.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "Access-Control-Allow-Origin: *", - "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." - } - ] - }, - "id": "dcc781bc-d5e0-4c61-ad30-9d10e2acd607", - "parsed_at": "2024-04-09T09:50:10.750Z" + "id": "d2c305f2-ee86-41eb-8595-358a79683b31", + "parsed_at": "2025-04-03T16:48:27.404Z", + "scan": { + "created_at": "2025-04-03T16:47:49Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Cross-Domain Misconfiguration", + "description": "Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server.", + "hint": null, + "category": "Cross-Domain Misconfiguration", + "location": "http://juice-shop.demo-targets.svc:3000", + "osi_layer": "APPLICATION", + "severity": "MEDIUM", + "references": [ + { + "type": "URL", + "value": "https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy" + }, + { + "type": "CWE", + "value": "CWE-264" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/264.html" + } + ], + "mitigation": "Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.", + "attributes": { + "hostname": "juice-shop.demo-targets.svc", + "port": "3000", + "zap_confidence": "2", + "zap_count": "83", + "zap_solution": "Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).Configure the \"Access-Control-Allow-Origin\" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.", + "zap_otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.", + "zap_reference": "https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy", + "zap_cweid": "264", + "zap_wascid": "14", + "zap_riskcode": "2", + "zap_pluginid": "10098", + "zap_finding_urls": [ + { + "uri": "http://juice-shop.demo-targets.svc:3000/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/acquisitions.md", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/announcement_encrypted.md", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/coupons_2013.md.bak", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/eastere.gg", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/encrypt.pyc", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/incident-support.kdbx", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/legal.md", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/package.json.bak", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_linux_amd_64.url", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_linux_arm_64.url", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_macos_64.url", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/quarantine/juicy_malware_windows_64.exe.url", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/ftp/suspicious_errors.yml", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/polyfills.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/robots.txt", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/runtime.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/sitemap.xml", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/styles.css", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/vendor.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "Access-Control-Allow-Origin: *", + "otherinfo": "The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing." + } + ] }, - { - "name": "Cross-Domain JavaScript Source File Inclusion", - "description": "The page includes one or more script files from a third-party domain.", - "hint": null, - "category": "Cross-Domain JavaScript Source File Inclusion", - "location": "http://juiceshop.demo-targets.svc:3000", - "osi_layer": "APPLICATION", - "severity": "LOW", - "references": [ - { - "type": "CWE", - "value": "CWE-829" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/829.html" - } - ], - "mitigation": "Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.", - "attributes": { - "hostname": "juiceshop.demo-targets.svc", - "port": "3000", - "zap_confidence": "2", - "zap_count": "122", - "zap_solution": "Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.", - "zap_otherinfo": null, - "zap_reference": null, - "zap_cweid": "829", - "zap_wascid": "15", - "zap_riskcode": "1", - "zap_pluginid": "10017", - "zap_finding_urls": [ - { - "uri": "http://juiceshop.demo-targets.svc:3000/", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/sitemap.xml", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - }, - { - "uri": "http://juiceshop.demo-targets.svc:3000/sitemap.xml", - "method": "GET", - "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", - "attack": "", - "evidence": "", - "otherinfo": "" - } - ] - }, - "id": "fcb51fca-70a5-4212-b39e-d98b8605c882", - "parsed_at": "2024-04-09T09:50:10.750Z" + "id": "92d7d2c8-be83-49df-bf53-c2bcff8c427c", + "parsed_at": "2025-04-03T16:48:27.406Z", + "scan": { + "created_at": "2025-04-03T16:47:49Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Cross-Domain JavaScript Source File Inclusion", + "description": "The page includes one or more script files from a third-party domain.", + "hint": null, + "category": "Cross-Domain JavaScript Source File Inclusion", + "location": "http://juice-shop.demo-targets.svc:3000", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "CWE", + "value": "CWE-829" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/829.html" + } + ], + "mitigation": "Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.", + "attributes": { + "hostname": "juice-shop.demo-targets.svc", + "port": "3000", + "zap_confidence": "2", + "zap_count": "122", + "zap_solution": "Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.", + "zap_otherinfo": null, + "zap_reference": null, + "zap_cweid": "829", + "zap_wascid": "15", + "zap_riskcode": "1", + "zap_pluginid": "10017", + "zap_finding_urls": [ + { + "uri": "http://juice-shop.demo-targets.svc:3000/", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:15:13", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/fileServer.js:31:18", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/build/routes/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:275:10", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:284:7", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:317:13", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:354:14", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:365:14", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/index.js:410:3", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/express/lib/router/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/polyfills.js:299:20", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/graceful-fs/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/index.js:145:39", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/main.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/polyfills.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/runtime.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/styles.css", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/juice-shop/node_modules/serve-index/vendor.js", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/sitemap.xml", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + }, + { + "uri": "http://juice-shop.demo-targets.svc:3000/sitemap.xml", + "method": "GET", + "param": "//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js", + "attack": "", + "evidence": "", + "otherinfo": "" + } + ] + }, + "id": "28422fc1-7bea-489c-ae18-ddd09ae25395", + "parsed_at": "2025-04-03T16:48:27.406Z", + "scan": { + "created_at": "2025-04-03T16:47:49Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" + } + }, + { + "name": "Timestamp Disclosure - Unix", + "description": "A timestamp was disclosed by the application/web server. - Unix", + "hint": null, + "category": "Timestamp Disclosure - Unix", + "location": "http://juice-shop.demo-targets.svc:3000", + "osi_layer": "APPLICATION", + "severity": "LOW", + "references": [ + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/200.html" + }, + { + "type": "CWE", + "value": "CWE-497" + }, + { + "type": "URL", + "value": "https://cwe.mitre.org/data/definitions/497.html" + } + ], + "mitigation": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", + "attributes": { + "hostname": "juice-shop.demo-targets.svc", + "port": "3000", + "zap_confidence": "1", + "zap_count": "1", + "zap_solution": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", + "zap_otherinfo": "1734944650, which evaluates to: 2024-12-23 09:04:10.", + "zap_reference": "https://cwe.mitre.org/data/definitions/200.html", + "zap_cweid": "497", + "zap_wascid": "13", + "zap_riskcode": "1", + "zap_pluginid": "10096", + "zap_finding_urls": [ + { + "uri": "http://juice-shop.demo-targets.svc:3000/main.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "1734944650", + "otherinfo": "1734944650, which evaluates to: 2024-12-23 09:04:10." + } + ] }, - { - "name": "Timestamp Disclosure - Unix", - "description": "A timestamp was disclosed by the application/web server - Unix", - "hint": null, - "category": "Timestamp Disclosure - Unix", - "location": "http://juiceshop.demo-targets.svc:3000", - "osi_layer": "APPLICATION", - "severity": "LOW", - "references": [ - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/200.html" - }, - { - "type": "CWE", - "value": "CWE-200" - }, - { - "type": "URL", - "value": "https://cwe.mitre.org/data/definitions/200.html" - } - ], - "mitigation": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", - "attributes": { - "hostname": "juiceshop.demo-targets.svc", - "port": "3000", - "zap_confidence": "1", - "zap_count": "1", - "zap_solution": "Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.", - "zap_otherinfo": "1734944650, which evaluates to: 2024-12-23 09:04:10", - "zap_reference": "https://cwe.mitre.org/data/definitions/200.html", - "zap_cweid": "200", - "zap_wascid": "13", - "zap_riskcode": "1", - "zap_pluginid": "10096", - "zap_finding_urls": [ - { - "uri": "http://juiceshop.demo-targets.svc:3000/main.js", - "method": "GET", - "param": "", - "attack": "", - "evidence": "1734944650", - "otherinfo": "1734944650, which evaluates to: 2024-12-23 09:04:10" - } - ] - }, - "id": "35da2c42-81bc-4fe1-bae9-61872bbbfa24", - "parsed_at": "2024-04-09T09:50:10.750Z" + "id": "60ca9b32-2d06-45b2-af5b-13d2f9628941", + "parsed_at": "2025-04-03T16:48:27.406Z", + "scan": { + "created_at": "2025-04-03T16:47:49Z", + "name": "zap-automation-framework-juice-shop", + "namespace": "demo-targets", + "scan_type": "zap-automation-framework" } -] \ No newline at end of file + } +] diff --git a/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/scan.yaml b/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/scan.yaml index 52edc33436..c0a0079fce 100644 --- a/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/scan.yaml +++ b/scanners/zap-automation-framework/examples/demo-zap-baseline-scan/scan.yaml @@ -13,7 +13,7 @@ data: env: # The environment, mandatory contexts : # List of 1 or more contexts, mandatory - name: zap-baseline-automation-scan # Name to be used to refer to this context in other jobs, mandatory - urls: ["http://juiceshop.demo-targets.svc:3000/"] # A mandatory list of top level urls, everything under each url will be included + urls: ["http://juice-shop.demo-targets.svc:3000/"] # A mandatory list of top level urls, everything under each url will be included jobs: - type: spider # The traditional spider - fast but doesnt handle modern apps so well parameters: @@ -51,4 +51,4 @@ spec: volumes: - name: zap-baseline-automation-framework-config configMap: - name: zap-baseline-automation-framework-config \ No newline at end of file + name: zap-baseline-automation-framework-config diff --git a/scanners/zap-automation-framework/tests/__snapshot__/scanner_test.yaml.snap b/scanners/zap-automation-framework/tests/__snapshot__/scanner_test.yaml.snap index cc80532f09..602f87a188 100644 --- a/scanners/zap-automation-framework/tests/__snapshot__/scanner_test.yaml.snap +++ b/scanners/zap-automation-framework/tests/__snapshot__/scanner_test.yaml.snap @@ -94,7 +94,7 @@ matches the snapshot: - /zap/zap-entrypoint.bash env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 imagePullPolicy: IfNotPresent name: zap-automation-framework resources: diff --git a/scanners/zap-automation-framework/values.yaml b/scanners/zap-automation-framework/values.yaml index 5c88a1b927..9d10825d13 100644 --- a/scanners/zap-automation-framework/values.yaml +++ b/scanners/zap-automation-framework/values.yaml @@ -38,7 +38,7 @@ parser: scanner: image: # scanner.image.repository -- Container Image to run the scan - repository: softwaresecurityproject/zap-stable + repository: docker.io/zaproxy/zap-stable # scanner.image.tag -- defaults to the charts appVersion tag: null # -- Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images diff --git a/scanners/zap/Chart.yaml b/scanners/zap/Chart.yaml index 553941f432..6c2511de82 100644 --- a/scanners/zap/Chart.yaml +++ b/scanners/zap/Chart.yaml @@ -8,7 +8,7 @@ description: A Helm chart for the ZAP security scanner that integrates with the type: application # version - gets automatically set to the secureCodeBox release version when the helm charts gets published version: v3.1.0-alpha1 -appVersion: "2.16.0" +appVersion: "2.16.1" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/zaproxy/zaproxy/releases/latest diff --git a/scanners/zap/README.md b/scanners/zap/README.md index b3b2673271..b162ad6bfd 100644 --- a/scanners/zap/README.md +++ b/scanners/zap/README.md @@ -3,7 +3,7 @@ title: "ZAP" category: "scanner" type: "WebApplication" state: "released" -appVersion: "2.16.0" +appVersion: "2.16.1" usecase: "WebApp & OpenAPI Vulnerability Scanner" --- @@ -288,7 +288,7 @@ Alternatively, have a look at the [official documentation](https://www.zaproxy.o | scanner.extraVolumeMounts | list | `[{"mountPath":"/zap/wrk","name":"zap-workdir"}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[{"emptyDir":{},"name":"zap-workdir"}]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| scanner.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| scanner.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | scanner.image.tag | string | `nil` | defaults to the charts appVersion | | scanner.nameAppend | string | `nil` | append a string to the default scantype name. | | scanner.nodeSelector | object | `{}` | Optional nodeSelector settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/) | diff --git a/scanners/zap/docs/README.ArtifactHub.md b/scanners/zap/docs/README.ArtifactHub.md index 011d7c52a8..cf6c23c19e 100644 --- a/scanners/zap/docs/README.ArtifactHub.md +++ b/scanners/zap/docs/README.ArtifactHub.md @@ -293,7 +293,7 @@ Alternatively, have a look at the [official documentation](https://www.zaproxy.o | scanner.extraVolumeMounts | list | `[{"mountPath":"/zap/wrk","name":"zap-workdir"}]` | Optional VolumeMounts mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.extraVolumes | list | `[{"emptyDir":{},"name":"zap-workdir"}]` | Optional Volumes mapped into each scanJob (see: https://kubernetes.io/docs/concepts/storage/volumes/) | | scanner.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | -| scanner.image.repository | string | `"softwaresecurityproject/zap-stable"` | Container Image to run the scan | +| scanner.image.repository | string | `"docker.io/zaproxy/zap-stable"` | Container Image to run the scan | | scanner.image.tag | string | `nil` | defaults to the charts appVersion | | scanner.nameAppend | string | `nil` | append a string to the default scantype name. | | scanner.nodeSelector | object | `{}` | Optional nodeSelector settings that control how the scanner job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/) | diff --git a/scanners/zap/tests/__snapshot__/scanner_test.yaml.snap b/scanners/zap/tests/__snapshot__/scanner_test.yaml.snap index 8d4379a29f..260491a3fc 100644 --- a/scanners/zap/tests/__snapshot__/scanner_test.yaml.snap +++ b/scanners/zap/tests/__snapshot__/scanner_test.yaml.snap @@ -88,7 +88,7 @@ matches the snapshot: - ../../home/securecodebox/zap-results.xml env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 imagePullPolicy: IfNotPresent name: zap-baseline-scan resources: @@ -139,7 +139,7 @@ matches the snapshot: - ../../home/securecodebox/zap-results.xml env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 name: zap-api-scan resources: foo: bar @@ -187,7 +187,7 @@ matches the snapshot: - ../../home/securecodebox/zap-results.xml env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 imagePullPolicy: IfNotPresent name: zap-full-scan resources: @@ -234,7 +234,7 @@ matches the snapshot: - -cmd env: [] envFrom: [] - image: softwaresecurityproject/zap-stable:0.0.0 + image: docker.io/zaproxy/zap-stable:0.0.0 imagePullPolicy: IfNotPresent name: zap-automation-scan resources: diff --git a/scanners/zap/values.yaml b/scanners/zap/values.yaml index 6ae361a6b4..d53611b223 100644 --- a/scanners/zap/values.yaml +++ b/scanners/zap/values.yaml @@ -38,7 +38,7 @@ parser: scanner: image: # scanner.image.repository -- Container Image to run the scan - repository: softwaresecurityproject/zap-stable + repository: docker.io/zaproxy/zap-stable # scanner.image.tag -- defaults to the charts appVersion tag: null # -- Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images