ZAP dev Frontend Baseline Scan Report

- Site: [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
 	 **New Alerts** 
	- **Bypassing 403** [40038] total: 4:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static%20/](https://itvr-dev.apps.silver.devops.gov.bc.ca/static%20/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/css%20/](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/css%20/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js%20/](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js%20/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/config%20/](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/config%20/) 
	- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml](https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Hidden File Found** [40035] total: 1:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/BitKeeper](https://itvr-dev.apps.silver.devops.gov.bc.ca/BitKeeper) 
	- **Proxy Disclosure** [40025] total: 15:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png](https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- .. 
	- **Cookie with SameSite Attribute None** [10054] total: 2:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
	- **Insufficient Site Isolation Against Spectre Vulnerability** [90004] total: 11:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt](https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml](https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml) 
		- .. 
	- **Permissions Policy Header Not Set** [10063] total: 6:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml](https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/config/features.js](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/config/features.js) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js) 
		- .. 
	- **Strict-Transport-Security Header Not Set** [10035] total: 11:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png](https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- .. 
	- **Timestamp Disclosure - Unix** [10096] total: 1:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js) 
	- **X-Content-Type-Options Header Missing** [10021] total: 11:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png](https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- .. 
	- **Cookie Slack Detector** [90027] total: 15:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png](https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- .. 
	- **Information Disclosure - Suspicious Comments** [10027] total: 1:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js](https://itvr-dev.apps.silver.devops.gov.bc.ca/static/js/main.5583c163.js) 
	- **Modern Web Application** [10109] total: 3:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml](https://itvr-dev.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Non-Storable Content** [10049] total: 2:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
	- **Re-examine Cache-control Directives** [10015] total: 6:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt](https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt) 
		- .. 
	- **Session Management Response Identified** [10112] total: 2:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca](https://itvr-dev.apps.silver.devops.gov.bc.ca) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
	- **Storable and Cacheable Content** [10049] total: 10:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/](https://itvr-dev.apps.silver.devops.gov.bc.ca/) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico](https://itvr-dev.apps.silver.devops.gov.bc.ca/favicon.ico) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png](https://itvr-dev.apps.silver.devops.gov.bc.ca/logo192.png) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json](https://itvr-dev.apps.silver.devops.gov.bc.ca/manifest.json) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt](https://itvr-dev.apps.silver.devops.gov.bc.ca/robots.txt) 
		- .. 
	- **User Agent Fuzzer** [10104] total: 48:  
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static](https://itvr-dev.apps.silver.devops.gov.bc.ca/static) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static](https://itvr-dev.apps.silver.devops.gov.bc.ca/static) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static](https://itvr-dev.apps.silver.devops.gov.bc.ca/static) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static](https://itvr-dev.apps.silver.devops.gov.bc.ca/static) 
		- [https://itvr-dev.apps.silver.devops.gov.bc.ca/static](https://itvr-dev.apps.silver.devops.gov.bc.ca/static) 
		- .. 



View the [following link](https://github.com/bcgov/itvr/actions/runs/13704738216) to download the report.
RunnerID:13704738216

---
[ZAP by Checkmarx](https://checkmarx.com/)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ZAP dev Frontend Baseline Scan Report #783

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

ZAP dev Frontend Baseline Scan Report #783

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions