ZAP Full Scan Report

[github-actions]

• Site: http://localhost:5000
  New Alerts
  • CORS Misconfiguration [40040] total: 4:
    • http://localhost:5000
    • http://localhost:5000/
    • http://localhost:5000/robots.txt
    • http://localhost:5000/sitemap.xml
  • Content Security Policy (CSP) Header Not Set [10038] total: 2:
    • http://localhost:5000
    • http://localhost:5000/
  • Cross-Domain Misconfiguration [10098] total: 4:
    • http://localhost:5000
    • http://localhost:5000/
    • http://localhost:5000/robots.txt
    • http://localhost:5000/sitemap.xml
  • Missing Anti-clickjacking Header [10020] total: 2:
    • http://localhost:5000
    • http://localhost:5000/
  • Permissions Policy Header Not Set [10063] total: 2:
    • http://localhost:5000
    • http://localhost:5000/
  • Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 4:
    • http://localhost:5000
    • http://localhost:5000/
    • http://localhost:5000/robots.txt
    • http://localhost:5000/sitemap.xml
  • X-Content-Type-Options Header Missing [10021] total: 2:
    • http://localhost:5000
    • http://localhost:5000/
  • Storable and Cacheable Content [10049] total: 4:
    • http://localhost:5000
    • http://localhost:5000/
    • http://localhost:5000/robots.txt
    • http://localhost:5000/sitemap.xml

View the following link to download the report.
RunnerID:8614793051

---

ZAP is supported by the Crash Override Open Source Fellowship