WARN-NEW: Incomplete or No Cache-control and Pragma HTTP Header Set [10015] x 2
- secrets -- bug 1408477
- tools
- github -- bug 1408477
- auth -- bug 1408477
- scheduler -- bug 1408475
- queue -- bug 1408477
- purge-cache -- bug 1408477
- notify -- bug 1408477
- login -- bug 1408477
- index -- bug 1408477
- hooks -- bug 1408477
- ec2-manager -- bug 1408477
- cloud-mirror -- bug 1408477
- aws-provisioner -- bug 1408477
- docs -- ZAP#640
WARN-NEW: Cross-Domain JavaScript Source File Inclusion [10017] x 1
- login -- bug 1404461
- docs -- docs will be unified
WARN-NEW: Information Disclosure - Debug Error Messages [10023] x 4
- docs -- PR#601
WARN-NEW: Cookie Without SameSite Attribute [10054] x 4
- login -- bug 1404461
WARN-NEW: The JavaScript file 'jquery.min.js' includes a vulnerable version of the library 'jquery' [322420463] x 2
- login -- bug 1404461
- docs -- bug 1408478
WARN-NEW: Application Error Disclosure [90022] x 12
- docs -- PR#600
FAIL-NEW: X-Frame-Options Header Not Set [10020] x 3
- login -- bug 1404461
- docs -- bug 1408474
FAIL-NEW: X-Content-Type-Options Header Missing [10021] x 1
- secrets -- bug 1408476
- github -- bug 1408476
- auth -- bug 1408476
- scheduler -- bug 1408475
- queue -- bug 1408476
- purge-cache -- bug 1408476
- notify -- bug 1408476
- login -- bug 1408476
- index -- bug 1408476
- ec2-manager -- bug 1408476
- cloud-mirror -- bug 1408476
- aws-provisioner -- bug 1408476
- docs -- bug 1408474
FAIL-NEW: Content Security Policy (CSP) Header Not Set [10038] x 6
- github -- bug 1408471
- auth -- bug 1408471
- queue -- bug 1408471
- purge-cache -- bug 1408471
- notify -- bug 1408471
- index -- bug 1408471
- login -- bug 1408471
- events -- bug 1408471
- ec2-manager -- bug 1408471
- cloud-mirror -- bug 1408471
- aws-provisioner -- bug 1408471
- scheduler -- bug 1408475
- docs -- bug 1408474
FAIL-NEW: Strict-Transport-Security Header Not Set [10035] x 5
- secrets -- bug 1408471
- statsum
- scheduler -- bug 1408475
- login -- bug 1408471
- events -- bug 1408471
- docs -- bug 1408474
- schemas -- PR#599
- references -- PR#599
- public-artifacts -- PR#599
FAIL-NEW: Cross-Domain Misconfiguration [10098] x 2
- secrets -- ZAP#602
- github -- ZAP#602
- auth -- ZAP#602
- scheduler -- ZAP#602
- queue -- ZAP#602
- purge-cache -- ZAP#602
- notify -- ZAP#602
- index -- ZAP#602
- login -- ZAP#602
- ec2-manager -- ZAP#602
- cloud-mirror -- ZAP#602
- aws-provisioner -- ZAP#602
FAIL-NEW: Cookie No HttpOnly Flag [10010] x 2
- login -- bug 1404461
FAIL-NEW: Absence of Anti-CSRF Tokens [10202] x 6
- login -- bug 1404461
- docs -- docs will be unified