2022 12 27 ZAP Report

The document summarizes alerts from an OWASP ZAP scan of http://archive.jmtohcs.cloud generated on 27 Dec 2022. There were 6 alerts in total: 2 medium, 3 low and 1 informational (no high). The medium issues were a missing Content-Security-Policy header and use of a vulnerable JavaScript library (jQuery UI 1.12.1); the low issues were cookies set without the HttpOnly and SameSite attributes and a missing X-Content-Type-Options header; the informational item was suspicious keyword matches in bundled JavaScript.

Uploaded by RandomG05

JM ARSIP

Site: http://archive.jmtohcs.cloud
Generated on Tue, 27 Dec 2022 08:16:53

Summary of Alerts

Risk Level       Number of Alerts
High             0
Medium           2
Low              3
Informational    1

Alerts

Name                                                 Risk Level       Number of Instances
Content Security Policy (CSP) Header Not Set         Medium           3
Vulnerable JS Library                                Medium           1
Cookie No HttpOnly Flag                              Low              6
Cookie without SameSite Attribute                    Low              12
X-Content-Type-Options Header Missing                Low              7
Information Disclosure - Suspicious Comments         Informational    17

Alert Detail

Medium    Content Security Policy (CSP) Header Not Set

Description: Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page; covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.

Instances: 3 (no Attack or Evidence recorded; the finding is the absence of the header from each response)
  GET   http://archive.jmtohcs.cloud
  GET   http://archive.jmtohcs.cloud/login
  GET   http://archive.jmtohcs.cloud/password/reset

Solution: Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: "Content-Security-Policy" for Chrome 25+, Firefox 23+ and Safari 7+, "X-Content-Security-Policy" for Firefox 4.0+ and Internet Explorer 10+, and "X-WebKit-CSP" for Chrome 14+ and Safari 6+. (The X- prefixed names are legacy variants; current browsers honour only the unprefixed Content-Security-Policy header, so that is the one to set.)

Reference:
  https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
  https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
  http://www.w3.org/TR/CSP/
  http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
  http://www.html5rocks.com/en/tutorials/security/content-security-policy/
  http://caniuse.com/#feat=contentsecuritypolicy
  http://content-security-policy.com/

CWE Id: 693
WASC Id: 15
Plugin Id: 10038

Medium    Vulnerable JS Library

Description: The identified library jquery-ui, version 1.12.1, is vulnerable; the affected issues are the ones listed under Reference (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184 and CVE-2022-31160).

Instances: 1
  GET   http://archive.jmtohcs.cloud/js/dist/all.js?id=ea971e5285bb940af1a908bbeeb6fcb8
        Evidence: /*! jQuery UI - v1.12.1

Solution: Please upgrade to the latest version of jquery-ui.

Reference:
  https://bugs.jqueryui.com/ticket/15284
  https://nvd.nist.gov/vuln/detail/CVE-2022-31160
  https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9
  https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
  https://nvd.nist.gov/vuln/detail/CVE-2021-41184
  https://nvd.nist.gov/vuln/detail/CVE-2021-41183
  https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
  https://nvd.nist.gov/vuln/detail/CVE-2021-41182

CWE Id: 829
WASC Id: (none)
Plugin Id: 10003
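An added example of the check behind this alert (example code, not part of the ZAP report and not jQuery UI's own code): ZAP's evidence is the library's build banner sitting inside the concatenated asset bundle, so a short script can pull the version out of any bundle and compare it with the first fixed release. The bundle text below is constructed; the minimum version 1.13.2 is the release that fixes CVE-2022-31160 per the referenced GHSA-h6gj-6jjq-h8g9, and it is also later than 1.13.0, which fixed the three referenced 2021 CVEs.

```python
"""Added example: find the jQuery UI build banner in a bundled JS asset and
compare the version against the first fixed release.

Not part of the ZAP report. SAMPLE_BUNDLE is constructed; MIN_FIXED is taken
from the referenced advisory for CVE-2022-31160 (fixed in jQuery UI 1.13.2).
"""
import re

# jQuery UI's build banner, which is what ZAP quoted as Evidence
# ("/*! jQuery UI - v1.12.1"). The "/*!" form survives most minifiers.
BANNER_RE = re.compile(r"/\*!\s*jQuery UI\s*-\s*v(\d+)\.(\d+)\.(\d+)")

# Lowest release that resolves all four CVEs referenced in the alert
# (assumption stated in the lead-in, not something the report says).
MIN_FIXED = (1, 13, 2)

# Constructed sample: a concatenated bundle like /js/dist/all.js, with the
# jQuery UI banner buried after another library's code.
SAMPLE_BUNDLE = (
    "/*! jQuery v3.6.0 | (c) OpenJS Foundation | jquery.org/license */\n"
    "!function(e,t){\"use strict\";}(window);\n"
    "/*! jQuery UI - v1.12.1 - 2016-09-14\n"
    "* http://jqueryui.com\n"
    "* Copyright jQuery Foundation and other contributors; Licensed MIT */\n"
    "(function(factory){factory(jQuery);})(function($){});\n"
)


def find_jquery_ui_versions(bundle: str) -> list[tuple[int, int, int]]:
    """Return every jQuery UI version banner found in the bundle, as int tuples."""
    return [tuple(int(n) for n in m.groups()) for m in BANNER_RE.finditer(bundle)]


def assess_bundle(bundle: str) -> list[dict]:
    """One finding per banner: version string and whether it is below MIN_FIXED."""
    findings = []
    for version in find_jquery_ui_versions(bundle):
        findings.append({
            "library": "jquery-ui",
            "version": ".".join(map(str, version)),
            # Tuple comparison is numeric per component, so 1.9.x < 1.13.2 as expected.
            "vulnerable": version < MIN_FIXED,
            "minimum_fixed": ".".join(map(str, MIN_FIXED)),
        })
    return findings


if __name__ == "__main__":
    for f in assess_bundle(SAMPLE_BUNDLE):
        status = "VULNERABLE" if f["vulnerable"] else "ok"
        print(f"{f['library']} {f['version']}: {status} (minimum fixed {f['minimum_fixed']})")
```

A missing banner is not evidence of a missing library: a build configured to strip all comments removes it, and ZAP's plugin would then report nothing. The dependency manifest or lockfile the bundle was built from is the authoritative place to pin and verify the version; the banner check is a cheap confirmation of what was actually shipped.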

Low    Cookie No HttpOnly Flag

Description: A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.

Instances: 6 (Evidence in every case: Set-Cookie: XSRF-TOKEN; the snipeit_session cookie set on the same responses is not listed here, which indicates it already carries HttpOnly)
  GET    http://archive.jmtohcs.cloud
  GET    http://archive.jmtohcs.cloud/
  GET    http://archive.jmtohcs.cloud/login
  GET    http://archive.jmtohcs.cloud/password/reset
  POST   http://archive.jmtohcs.cloud/login
  POST   http://archive.jmtohcs.cloud/password/email

Solution: Ensure that the HttpOnly flag is set for all cookies.
Reference: https://owasp.org/www-community/HttpOnly
CWE Id: 1004
WASC Id: 13
Plugin Id: 10010

Low    Cookie without SameSite Attribute

Description: A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.

Instances: 12 (six responses, each setting both cookies without SameSite; Evidence: Set-Cookie: snipeit_session and Set-Cookie: XSRF-TOKEN for every URL below)
  GET    http://archive.jmtohcs.cloud
  GET    http://archive.jmtohcs.cloud/
  GET    http://archive.jmtohcs.cloud/login
  GET    http://archive.jmtohcs.cloud/password/reset
  POST   http://archive.jmtohcs.cloud/login
  POST   http://archive.jmtohcs.cloud/password/email

Solution: Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
CWE Id: 1275
WASC Id: 13
Plugin Id: 10054

Low    X-Content-Type-Options Header Missing

Description: The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.

Instances: 7 (no Attack or Evidence recorded; the header is absent from each response)
  GET   http://archive.jmtohcs.cloud/css/dist/all.css?id=45dfcf96080d80030e52951ac1947e96
  GET   http://archive.jmtohcs.cloud/css/dist/blue.png
  GET   http://archive.jmtohcs.cloud/css/webfonts/fa-solid-900.woff2
  GET   http://archive.jmtohcs.cloud/favicon.ico
  GET   http://archive.jmtohcs.cloud/js/dist/all.js?id=ea971e5285bb940af1a908bbeeb6fcb8
  GET   http://archive.jmtohcs.cloud/uploads/setting-logo-vjtWfjxxpx.svg
  GET   http://archive.jmtohcs.cloud/vendor/livewire/livewire.js?id=c69d0f2801c01fcf8166

Solution: Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages. If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.

Reference:
  http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
  https://owasp.org/www-community/Security_Headers

CWE Id: 693
WASC Id: 15
Plugin Id: 10021
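As an added example covering the CSP, HttpOnly, SameSite and X-Content-Type-Options alerts above (example code, not from the ZAP report or from the scanned application), the script below re-runs those four checks over a raw HTTP response so a fix can be verified without a full rescan. The two responses are constructed to mirror the report's Evidence: cookies named XSRF-TOKEN and snipeit_session, with only the session cookie carrying HttpOnly, and no CSP or X-Content-Type-Options in the first response; the CSP value and SameSite=Lax in the second response are assumed settings, not the application's own. One triage point the report leaves implicit: a cookie named XSRF-TOKEN is by convention a double-submit CSRF token that front-end code reads and echoes back in an X-XSRF-TOKEN request header, so it cannot be HttpOnly. The check therefore keeps that finding but marks it as expected; the session cookie is the one that must carry the flag.

```python
"""Added example: re-check a raw HTTP response for the four header/cookie
alerts in this report. Not part of the ZAP output; both sample responses
below are constructed, not captured from the scanned host.
"""

# Cookies intentionally readable by JavaScript. XSRF-TOKEN is the conventional
# double-submit CSRF cookie that front-end code copies into an X-XSRF-TOKEN
# header, so it cannot be HttpOnly. Assumption about this deployment.
JS_READABLE_COOKIES = {"XSRF-TOKEN"}


def parse_response(raw: str) -> tuple[str, list[tuple[str, str]]]:
    """Split a raw HTTP/1.1 response into (status line, [(name, value), ...]).

    Headers stay a list rather than a dict because Set-Cookie repeats.
    Names are lower-cased since header names are case-insensitive.
    """
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name:
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def parse_set_cookie(value: str) -> tuple[str, dict[str, str]]:
    """Return (cookie name, {attribute lower-cased: value}) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")  # flag attributes (HttpOnly, Secure) get ""
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def check_response(raw: str) -> list[str]:
    """Return one line per finding, named after the corresponding ZAP alert."""
    _, headers = parse_response(raw)
    names = {n for n, _ in headers}
    findings = []
    # Only the unprefixed header counts; X-Content-Security-Policy and X-WebKit-CSP are obsolete.
    if "content-security-policy" not in names:
        findings.append("Content Security Policy (CSP) Header Not Set")
    # The header must be present AND carry the value nosniff.
    xcto = [v.lower() for n, v in headers if n == "x-content-type-options"]
    if "nosniff" not in xcto:
        findings.append("X-Content-Type-Options Header Missing")
    for n, v in headers:
        if n != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(v)
        if "httponly" not in attrs:
            note = (" (expected: JS-readable CSRF token, not a session cookie)"
                    if cookie in JS_READABLE_COOKIES else "")
            findings.append(f"Cookie No HttpOnly Flag: {cookie}{note}")
        if attrs.get("samesite", "").lower() not in ("lax", "strict"):
            findings.append(f"Cookie without SameSite Attribute: {cookie}")
    return findings


# Constructed response modelled on the report's evidence for GET /login.
BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Set-Cookie: XSRF-TOKEN=tokenA; Max-Age=7200; path=/\r\n"
    "Set-Cookie: snipeit_session=sessB; Max-Age=7200; path=/; httponly\r\n"
    "\r\n"
    "<!DOCTYPE html><html></html>\r\n"
)

# The same response after applying each alert's Solution. The CSP value and
# SameSite=Lax are assumed settings chosen for the example.
AFTER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Content-Security-Policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Set-Cookie: XSRF-TOKEN=tokenA; Max-Age=7200; path=/; secure; samesite=lax\r\n"
    "Set-Cookie: snipeit_session=sessB; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\n"
    "\r\n"
    "<!DOCTYPE html><html></html>\r\n"
)

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        found = check_response(raw)
        print(f"{label}: {len(found)} finding(s)")
        for f in found:
            print("  -", f)
```

Run against the "before" response this reproduces the report: CSP and X-Content-Type-Options missing, HttpOnly missing on XSRF-TOKEN only, SameSite missing on both cookies. The "after" response leaves exactly one line, the HttpOnly finding on XSRF-TOKEN marked as expected; that is the residual risk to record as accepted rather than a fix still owed, while the session cookie comes out clean.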
Informational    Information Disclosure - Suspicious Comments

Description: The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments. (In a minified bundle such as all.js, generic words like from, select and where therefore match ordinary code rather than developer comments; each match below needs manual review before it counts as a disclosure.)

Instances: 17
  GET   http://archive.jmtohcs.cloud/js/dist/all.js?id=ea971e5285bb940af1a908bbeeb6fcb8
        Evidence (13 matches): admin, bug, bugs, DB, from, later, query, select, TODO, user, username, where, xxx
  GET   http://archive.jmtohcs.cloud/vendor/livewire/livewire.js?id=c69d0f2801c01fcf8166
        Evidence (2 matches): from, SELECT
  GET   http://archive.jmtohcs.cloud
        Evidence: from
  GET   http://archive.jmtohcs.cloud/login
        Evidence: from

Solution: Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference: (none)
CWE Id: 200
WASC Id: 13
Plugin Id: 10027
