Report generated on: 2024-12-03 11:12
Rating: ★☆☆☆☆ Status: Fail
Type | Last Scan Date | Critical | High | Medium | Low |
---|---|---|---|---|---|
Static | 2024-12-03 08:52 | 36 | 15 | 0 | 0 |
Dynamic | 2024-11-07 09:39 | 2 | 2 | 2 | 15 |
Mobile | N/A | 0 | 0 | 0 | 0 |
Open Source | 2024-12-03 08:52 | 7 | 44 | 25 | 1 |
Total | 45 | 61 | 27 | 16 |
- Critical (Static) - Mass Assignment: Request Parameters Bound into Persisted Objects:
src/main/java/com/microfocus/example/entity/User.java:46
Summary: The class in User.java is both a database persistent entity and a dynamically bound request object. Allowing database persistent entities to be auto-populated by request parameters will let an attacker create unintended database records in association entities or update unintended fields in the entity object. Allowing database persistent entities to be auto-populated by request parameters will let an attacker create unintended records in association entities or update unintended fields in the entity object.
- Critical (Static) - Weak Encryption:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:76
Summary: The call to getInstance() at EncryptedPasswordUtils.java line 76 uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.The identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:143
Summary: Attackers can control the file system path argument to resolve() at FileSystemStorageService.java line 143, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Privacy Violation:
src/main/java/com/microfocus/example/api/controllers/ApiUserController.java:123
Summary: The method createUser() in ApiUserController.java mishandles confidential information, which can compromise user privacy and is often illegal.Mishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal.
- Critical (Static) - HTML5: Missing Framing Protection:
src/main/java/com/microfocus/example/config/WebSecurityConfiguration.java:149
Summary: The application does not restrict browsers from letting third-party sites render its content.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:54
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 54, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Privacy Violation:
src/main/java/com/microfocus/example/api/controllers/ApiUserController.java:123
Summary: The method createUser() in ApiUserController.java mishandles confidential information, which can compromise user privacy and is often illegal.Mishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal.
- Critical (Static) - Privacy Violation:
src/main/java/com/microfocus/example/utils/EmailUtils.java:77
Summary: The method setEmailPassword() in EmailUtils.java mishandles confidential information, which can compromise user privacy and is often illegal.Mishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal.
- Critical (Static) - HTML5: Missing Content Security Policy:
src/main/java/com/microfocus/example/config/WebSecurityConfiguration.java:111
Summary: Content Security Policy (CSP) is not configured.
- Critical (Static) - JSON Injection:
src/main/java/com/microfocus/example/utils/UserUtils.java:119
Summary: On line 119 of UserUtils.java, the method registerUser() writes unvalidated input into JSON. This call might allow an attacker to inject arbitrary elements or attributes into the JSON entity.The method writes unvalidated input into JSON. This call might allow an attacker to inject arbitrary elements or attributes into the JSON entity.
- Critical (Static) - XML External Entity Injection:
src/main/java/com/microfocus/example/web/controllers/UserController.java:890
Summary: XML parser configured in UserController.java:890 does not prevent nor limit external entities resolution. This can expose the parser to an XML External Entities attackUsing XML parsers that are not configured to prevent or limit external entities resolution can expose the parser to an XML External Entities attack.
- Critical (Static) - Privacy Violation:
src/main/java/com/microfocus/example/api/controllers/ApiUserController.java:123
Summary: The method createUser() in ApiUserController.java mishandles confidential information, which can compromise user privacy and is often illegal.Mishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal.
- Critical (Static) - HTML5: Missing Content Security Policy:
src/main/java/com/microfocus/example/config/WebSecurityConfiguration.java:145
Summary: Content Security Policy (CSP) is not configured.
- Critical (Static) - Weak Encryption:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:47
Summary: The call to getInstance() at EncryptedPasswordUtils.java line 47 uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.The identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:78
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 78, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Weak Encryption: Insecure Mode of Operation:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:76
Summary: The function matches() in EncryptedPasswordUtils.java uses a cryptographic encryption algorithm with an insecure mode of operation on line 76.Do not use cryptographic encryption algorithms with an insecure mode of operation.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:143
Summary: Attackers can control the file system path argument to resolve() at FileSystemStorageService.java line 143, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - XML External Entity Injection:
src/main/java/com/microfocus/example/web/controllers/UserController.java:905
Summary: XML parser configured in UserController.java:905 does not prevent nor limit external entities resolution. This can expose the parser to an XML External Entities attackUsing XML parsers that are not configured to prevent or limit external entities resolution can expose the parser to an XML External Entities attack.
- Critical (Static) - Insecure Transport: Mail Transmission:
src/main/java/com/microfocus/example/utils/EmailUtils.java:101
Summary: The method sendEmail() in EmailUtils.java establishes an unencrypted connection to a mail server allowing an attacker to carry out a man-in-the-middle attack and read all the mail transmissions.Establishing an unencrypted connection to a mail server allows an attacker to carry out a man-in-the-middle attack and read all the mail transmissions.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:143
Summary: Attackers can control the file system path argument to resolve() at FileSystemStorageService.java line 143, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Weak Encryption: Insecure Mode of Operation:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:61
Summary: The function decryptPassword() in EncryptedPasswordUtils.java uses a cryptographic encryption algorithm with an insecure mode of operation on line 61.Do not use cryptographic encryption algorithms with an insecure mode of operation.
- Critical (Static) - Mass Assignment: Request Parameters Bound into Persisted Objects:
src/main/java/com/microfocus/example/entity/Authority.java:37
Summary: The class in Authority.java is both a database persistent entity and a dynamically bound request object. Allowing database persistent entities to be auto-populated by request parameters will let an attacker create unintended database records in association entities or update unintended fields in the entity object. Allowing database persistent entities to be auto-populated by request parameters will let an attacker create unintended records in association entities or update unintended fields in the entity object.
- Critical (Static) - Privacy Violation:
src/main/java/com/microfocus/example/utils/EmailUtils.java:77
Summary: The method setEmailPassword() in EmailUtils.java mishandles confidential information, which can compromise user privacy and is often illegal.Mishandling private information, such as customer passwords or social security numbers, can compromise user privacy and is often illegal.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:54
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 54, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Open Redirect:
src/main/java/com/microfocus/example/web/controllers/DefaultController.java:218
Summary: The file DefaultController.java passes unvalidated data to an HTTP redirect function on line 218. Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.Allowing unvalidated input to control the URL used in a redirect can aid phishing attacks.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:143
Summary: Attackers can control the file system path argument to resolve() at FileSystemStorageService.java line 143, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:159
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 159, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/web/controllers/ProductController.java:146
Summary: Attackers can control the file system path argument to get() at ProductController.java line 146, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Insecure SSL: Server Identity Verification Disabled:
src/main/java/com/microfocus/example/utils/EmailUtils.java:101
Summary: The connection established via send() in EmailUtils.java does not verify the server certificate when making an SSL connection. This leaves the application vulnerable to a man-in-the-middle attack.Server identity verification is disabled when making SSL connections.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:159
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 159, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Weak Encryption: Insecure Mode of Operation:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:47
Summary: The function encryptPassword() in EncryptedPasswordUtils.java uses a cryptographic encryption algorithm with an insecure mode of operation on line 47.Do not use cryptographic encryption algorithms with an insecure mode of operation.
- Critical (Static) - Weak Encryption:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:42
Summary: The call to SecretKeySpec() at EncryptedPasswordUtils.java line 42 uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.The identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.
- Critical (Static) - Path Manipulation:
src/main/java/com/microfocus/example/service/FileSystemStorageService.java:159
Summary: Attackers can control the file system path argument to get() at FileSystemStorageService.java line 159, which allows them to access or modify otherwise protected files.Allowing user input to control paths used in file system operations could enable an attacker to access or modify otherwise protected system resources.
- Critical (Static) - Weak Encryption:
src/main/java/com/microfocus/example/utils/EncryptedPasswordUtils.java:61
Summary: The call to getInstance() at EncryptedPasswordUtils.java line 61 uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.The identified call uses a weak encryption algorithm that cannot guarantee the confidentiality of sensitive data.
- Critical (Static) - SQL Injection:
src/main/java/com/microfocus/example/repository/ProductRepository.java:95
Summary: On line 95 of ProductRepository.java, the method findByCode() invokes a SQL query built with input that comes from an untrusted source. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.Constructing a dynamic SQL statement with input from an untrusted source might allow an attacker to modify the statement's meaning or execute arbitrary SQL commands.
- Critical (Static) - Cross-Site Scripting: Reflected:
src/main/java/com/microfocus/example/web/controllers/ProductController.java:97
Summary: The method getKeywordsContent() in ProductController.java sends unvalidated data to a web browser on line 97, which can result in the browser executing malicious code.Sending unvalidated data to a web browser can result in the browser executing malicious code.
- High (Static) - Header Manipulation:
src/main/java/com/microfocus/example/web/controllers/UserController.java:793
Summary: The method serveFile() in UserController.java includes unvalidated data in an HTTP response header on line 793. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
- High (Static) - System Information Leak: External:
src/main/java/com/microfocus/example/config/handlers/BasicAuthenticationEntryPointCustom.java:68
Summary: The function commence() in BasicAuthenticationEntryPointCustom.java reveals system data or debug information by calling println() on line 68. The information revealed by println() could help an adversary form a plan of attack.Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack.
- High (Static) - Password Management: Hardcoded Password:
src/main/resources/application.yml:41
Summary: Hardcoded passwords can compromise system security in a way that is difficult to remedy.
- High (Static) - Race Condition: Singleton Member Field:
src/main/java/com/microfocus/example/web/controllers/admin/AdminDefaultController.java:165
Summary: The class AdminDefaultController is a singleton, so the member field thRCECMD is shared between users. The result is that one user could see another user's data.Servlet member fields might allow one user to see another user's data.
- High (Static) - Unreleased Resource: Streams:
src/main/java/com/microfocus/example/utils/UserUtils.java:161
Summary: The function deserializeUser() in UserUtils.java sometimes fails to release a system resource allocated by FileInputStream() on line 160.The program can potentially fail to release a system resource.
- High (Static) - Unreleased Resource: Streams:
src/main/java/com/microfocus/example/utils/UserUtils.java:153
Summary: The function serializeUser() in UserUtils.java sometimes fails to release a system resource allocated by FileOutputStream() on line 152.The program can potentially fail to release a system resource.
- High (Static) - Mass Assignment: Sensitive Field Exposure:
src/main/java/com/microfocus/example/entity/User.java:192
Summary: A sensitive field defined in User.java on line 192 is exposed to the model binder.A sensitive field is exposed to the model binder.
- High (Static) - Password Management: Hardcoded Password:
src/main/resources/application-test.yml:67
Summary: Hardcoded passwords can compromise system security in a way that is difficult to remedy.
- High (Static) - Header Manipulation:
src/main/java/com/microfocus/example/web/controllers/UserController.java:947
Summary: The method serveUnverifiedFile() in UserController.java includes unvalidated data in an HTTP response header on line 947. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
- High (Static) - Unreleased Resource: Streams:
src/main/java/com/microfocus/example/utils/UserUtils.java:82
Summary: The function registerUser() in UserUtils.java sometimes fails to release a system resource allocated by FileReader() on line 82.The program can potentially fail to release a system resource.
- High (Static) - Header Manipulation:
src/main/java/com/microfocus/example/web/controllers/ProductController.java:179
Summary: The method downloadFile() in ProductController.java includes unvalidated data in an HTTP response header on line 179. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
- High (Static) - System Information Leak: External:
src/main/java/com/microfocus/example/config/handlers/AuthenticationEntryPointJwt.java:69
Summary: The function commence() in AuthenticationEntryPointJwt.java reveals system data or debug information by calling println() on line 69. The information revealed by println() could help an adversary form a plan of attack.Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack.
- High (Static) - Dockerfile Misconfiguration: Default User Privilege:
Dockerfile:1
Summary: The Dockerfile does not specify a USER, so it defaults to running with a root user.
- High (Static) - Header Manipulation:
src/main/java/com/microfocus/example/web/controllers/UserController.java:865
Summary: The method serveXMLFile() in UserController.java includes unvalidated data in an HTTP response header on line 865. This enables attacks such as cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.
- High (Static) - System Information Leak: External:
src/main/java/com/microfocus/example/config/handlers/ApiAccessDeniedHandler.java:66
Summary: The function handle() in ApiAccessDeniedHandler.java reveals system data or debug information by calling println() on line 66. The information revealed by println() could help an adversary form a plan of attack.Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack.
- Critical (Dynamic) - Insecure Deployment: HTTP Request Smuggling:
https://iwa.onfortify.com:443/swagger-ui/328496index.html?url=@%7B/v3/api-docs%7D
Summary:
WebInspect has detected the application to be vulnerable to an HTTP Request Smuggling attack.
HTTP Request Smuggling vulnerabilities arise due to the discrepancy in parsing of non-compliant HTTP headers by the front-end and back-end servers. By supplying a request that is interpreted as being of different lengths by different servers, an attacker can poison the back-end TCP/TLS socket and prepend arbitrary data to the next request or smuggle additional requests to the back-end server without the front-end server being aware of it.
There are numerous ways in which a malicious user can accomplish an HTTP Request Smuggling attack. In this instance, an incoming HTTP request that contains both Content-Length and Transfer-Encoding headers is interpreted differently by the front-end server and the back-end server. One honors the Content-Length header and the other the Transfer-Encoding header to determine the length of the request. This can render the application vulnerable to smuggling attacks.
The attack vector used indicates that the front-end server honors the Content-Length header and the back-end server honors the Transfer-Encoding header.
WebInspect was able to confirm this vulnerability. WebInspect performed the attack by sending two requests on the same TCP/IP connection with the server. The first request with HTTP headers
Content-Length: 36
Transfer-Encoding: chunked
was crafted so that the server put part of the request body in a queue. This was prepended to the subsequent HTTP request and caused an error on the server.0
POST /mal formed ZZZZ/9.7 Q: W
- Critical (Dynamic) - Cross-Site Scripting: Reflected:
https://iwa.onfortify.com:443/products?keywords=12345%3c%73%43%72%49%70%54%3e%61%6c%65%72%74%28%34%35%33%32%38%29%3c%2f%73%43%72%49%70%54%3e
Summary:
Cross-Site Scripting vulnerability found in Get parameter keywords. The following attack uses plain encoding:
<sCrIpT></sCrIpT>
A Cross-Site Scripting (XSS) vulnerability was detected in the web application. Cross-Site Scripting occurs when dynamically generated web pages display user input, such as login information, that is not properly validated, allowing an attacker to embed malicious scripts into the generated page and then execute the script on the machine of any user that views the site. In this instance, the web application was vulnerable to an automatic payload, meaning the user simply has to visit a page to make the malicious scripts execute. If successful, Cross-Site Scripting vulnerabilities can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. Recommendations include implementing secure programming techniques that ensure proper filtration of user-supplied data, and encoding all user supplied data to prevent inserted scripts being sent to end users in a format that can be executed.
- High (Dynamic) - Cross-Frame Scripting:
https://iwa.onfortify.com:443/login
Summary:
A Cross-Frame Scripting (XFS) vulnerability can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering or Cross-Site Request Forgery attacks.
Clickjacking
The goal of a Clickjacking attack is to deceive the victim (user) into interacting with UI elements of the attacker’s choice on the target web site without their knowledge and then executing privileged functionality on the victim’s behalf. To achieve this goal, the attacker must exploit the XFS vulnerability to load the attack target inside an iframe tag, hide it using Cascading Style Sheets (CSS) and overlay the phishing content on the malicious page. By placing the UI elements on the phishing page so they overlap with those on the page targeted in the attack, the attacker can ensure that the victim must interact with the UI elements on the target page not visible to the victim.
WebInspect has detected a page which potentially handles sensitive information using an HTML form with a password input field and is missing XFS protection.
An effective frame-busting technique was not observed while loading this page inside a frame.
This response while protected by a valid X-Frame-Options does not contain a valid Content-Security-Policy(CSP) frame-ancestors directive. Consider adding CSP as it now replaces X-Frame-Options and is supported in most modern browswers.
- High (Dynamic) - Web Server Misconfiguration: Unprotected File:
https://iwa.onfortify.com:443/swagger-ui/index.html.gz
Summary: Webinspect has detected an archive file with the .gz extension on the target server. The severity of the threats posed by the web-accessible backup files depends on the sensitivity of the information stored in original document. Based on that information, an attacker can gain sensitive information about the site architecture, database and network access credential details, encryption keys, and so forth from these files. The attacker can use information obtained to craft precise targeted attacks, which may not otherwise be feasible, against the application.
- Medium (Dynamic) - Cookie Security: Cookie not Sent Over SSL:
https://iwa.onfortify.com:443/
Summary: This policy states that any area of the website or web application that contains sensitive information or access to privileged functionality such as remote site administration requires that all cookies are sent via SSL during an SSL session. The URL: https://iwa.onfortify.com:443/ has failed this policy. If a cookie is marked with the "secure" attribute, it will only be transmitted if the communications channel with the host is a secure one. Currently this means that secure cookies will only be sent to HTTPS (HTTP over SSL) servers. If secure is not specified, a cookie is considered safe to be sent in the clear over unsecured channels.
* Medium (Dynamic) - Cross-Frame Scripting: [https://iwa.onfortify.com:443/](https://ams.fortify.com/redirect/Issues/76902059-1ace-4d09-9d94-2c5b5e8ea7b1)
Summary:
A Cross-Frame Scripting (XFS) vulnerability can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering or Cross-Site Request Forgery attacks.
Clickjacking
The goal of a Clickjacking attack is to deceive the victim (user) into interacting with UI elements of the attacker’s choice on the target web site without their knowledge and then executing privileged functionality on the victim’s behalf. To achieve this goal, the attacker must exploit the XFS vulnerability to load the attack target inside an iframe tag, hide it using Cascading Style Sheets (CSS) and overlay the phishing content on the malicious page. By placing the UI elements on the phishing page so they overlap with those on the page targeted in the attack, the attacker can ensure that the victim must interact with the UI elements on the target page not visible to the victim.
WebInspect has detected a response containing one or more forms that accept user input but is missing XFS protection.
An effective frame-busting technique was not observed while loading this page inside a frame.
This response while protected by a valid X-Frame-Options does not contain a valid Content-Security-Policy(CSP) frame-ancestors directive. Consider adding CSP as it now replaces X-Frame-Options and is supported in most modern browswers.
- Low (Dynamic) - Web Server Misconfiguration: Unprotected Directory:
https://iwa.onfortify.com:443/_derived/
Summary: FrontPage-related directories were found during a Directory Enumeration scan. FrontPage allows remote users to upload and modify web site content. Historically, attackers seek out FrontPage sites since FrontPage is often misconfigured to not require authentication. FrontPage components have also contained multiple vulnerabilities in the past. Recommendations include reviewing the FrontPage configuration, and removing FrontPage if it is not being used.
- Low (Dynamic) - Web Server Misconfiguration: Unprotected Directory:
https://iwa.onfortify.com:443/_fpclass/
Summary: FrontPage-related directories were found during a Directory Enumeration scan. FrontPage allows remote users to upload and modify web site content. Historically, attackers seek out FrontPage sites since FrontPage is often misconfigured to not require authentication. FrontPage components have also contained multiple vulnerabilities in the past. Recommendations include reviewing the FrontPage configuration, and removing FrontPage if it is not being used.
- Low (Dynamic) - Web Server Misconfiguration: Unprotected Directory:
https://iwa.onfortify.com:443/products/
Summary: Directory Enumeration vulnerabilities were discovered within your web application. Risks associated with an attacker discovering a directory on your application server depend upon what type of directory is discovered, and what types of files are contained within it. The primary threat, other than accessing files containing sensitive information, is that an attacker can utilize the information discovered in that directory to perform other types of attacks. Recommendations include restricting access to important directories or files by adopting a "need to know" requirement for both the document and server root, and turning off features such as Automatic Directory Listings that provide information that could be utilized by an attacker when formulating or conducting an attack.
- Low (Dynamic) - Web Server Misconfiguration: Unprotected Directory:
https://iwa.onfortify.com:443/services/
Summary: Directory Enumeration vulnerabilities were discovered within your web application. Risks associated with an attacker discovering a directory on your application server depend upon what type of directory is discovered, and what types of files are contained within it. The primary threat, other than accessing files containing sensitive information, is that an attacker can utilize the information discovered in that directory to perform other types of attacks. Recommendations include restricting access to important directories or files by adopting a "need to know" requirement for both the document and server root, and turning off features such as Automatic Directory Listings that provide information that could be utilized by an attacker when formulating or conducting an attack.
- Low (Dynamic) - Insecure Transport: HSTS not Set:
https://iwa.onfortify.com:443/js/app.js
Summary:
Http Strict Transport Security (HSTS) policy enables web applications to enforce web browsers to restrict communication with the server over an encrypted SSL/TLS connection for a set period. Policy is declared via special Strict Transport Security response header. Encrypted connection protects sensitive user and session data from attackers eavesdropping on network connection.
Consider following attack scenarios:
- Users often omit the URI scheme i.e. https:// when typing a URL in location bar to access a website. Also third party websites can link to the site using the “http” scheme instead of "”https”. This could result in an initial connection to a HTTPS-enabled site over an unencrypted channel. An eavesdropping attacker can hijack this unencrypted connection and replace the intended use of HTTPS protocol with HTTP in an attack known as SSLStrip, granting unauthorized access to all subsequent traffic.
- Websites often transfer non-sensitive resources such as help documents over an unencrypted HTTP connection. Any cookies without a secure flag are sent along with such requests potentially disclosing sensitive user and session data to eavesdropper.
- Man-in-the-Middle attacks that exploit user tendencies to override invalid certification warnings, e.g. SSLSniff.
For web sites configured with an accurate HSTS policy, browsers automatically upgrade any HTTP connections to HTTPS. Furthermore, browsers prevent users from overriding any host certificate warnings. HSTS offers an effective defense against above attack scenarios.
- Low (Dynamic) - Cookie Security: Missing SameSite Attribute:
https://iwa.onfortify.com:443/
Summary:
The SameSite attribute protects cookies from Cross-Site Request Forgery (CSRF) attacks. The browser automatically appends cookies to every HTTP request made to the site that sets the cookie. Cookies might store sensitive data like session ID and authorization token or site data that is shared between different requests to the same site during a session. An attacker can perform an impersonation attack by generating a request to the authenticated site from a third-party site page loaded on the client machine because the browser automatically appended the cookie to the request.
The SameSite attribute on a cookie allows sites to control that behaviour and prevents browsers from appending the cookie to request if the request is generated from a third-party site page load. The SameSite attribute can have the following three values:
- Strict: When set to Strict, cookies are only sent along with requests upon top level navigation .
- Lax: When set to Lax, cookies are sent with top level navigation from the same host as well as GET requests originated to the host from third-party sites (for example, in iframe, link, href, and so on and the form tag with GET method only).
- None: Cookies are sent in all requests made to the site within the path and domain scope set for the cookie. Requests generated due to form submissions using the POST method are also allowed to send cookies with request.
Please note that cookies that have the SameSite attribute with the value of None must be set with the Secure attribute otherwise the browser rejects the cookies. Additionally, a few specific browser versions reject the SameSite cookie with the None value for example, Chrome versions 51 to 66, versions of the UC Browser on Android prior to version 12.13.2, versions of Safari and embedded browsers on macOS 10.14, and all browsers on iOS 12 reject cookies set with SameSite=None. A suggested workaround for this issue is to set an alternate cookie with a prefix or suffix such as Legacy appended to cookiename . Sites can look for this legacy cookie if it does not find a cookie that was set with SameSite=None.
- Low (Dynamic) - HTML5: Overly Permissive CORS Policy:
https://iwa.onfortify.com:443/api/v3/site/subscribe-user
Summary:
A resource on the target website has been found to be shared across websites using CORS with an open access control policy.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
Summary:
A resource on the target domain has been found to be shared using CORS. The Access-Control-Allow-Methods header, as reflected in the preflight response for the requested resource, indicates that it allows unsafe HTTP methods. An attacker can use HTTP methods such as PUT or DELETE to make unexpected modifications to shared resource and pose a security threat to the overall site security. A user agent rejects any request for this resource with an HTTP method other than the ones that are listed in the Access-Control-Allow-Methods response header.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. Therefore, execution and incorporation of remote methods and functions hosted on domains outside of the current domain are effectively prohibited. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
- Low (Dynamic) - Web Server Misconfiguration: Server Error Message:
https://iwa.onfortify.com:443/products?keywords='
Summary: A server error response was detected. The server could be experiencing errors due to a misbehaving application, a misconfiguration, or a malicious value sent during the auditing process. While error responses in and of themselves are not dangerous, per se, the error responses give attackers insight into how the application handles error conditions. Errors that can be remotely triggered by an attacker can also potentially lead to a denial of service attack or other more severe vulnerability. Recommendations include designing and adding consistent error handling mechanisms which are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed.
- Low (Dynamic) - Cache Management: Web Cache Poisoning:
https://iwa.onfortify.com:443/api/v3/products?limit=&cacheBuster=WEBINSPECT1278776097
Summary:
WebInspect has detected a web cache poisoning instance by fat GET requests. Fat GET requests are requests that contain parameters as request body. Web cache poisoning exploits the behaviour of the web server causing a malicious response to be served to legitimate requests.
In this type of web cache poisoning, the cache key is derived from the original query parameters passed in the request line. However, the value of the query parameter used by the server is the duplicate value sent as part of the request body. This altered response is cached and served to the users with legitimate requests.
WebInspect has detected that the cache can be poisoned. The limit was passed in the request body and it is observed that the initial response differed from the later response for the same query. This indicates that the cache might be poisoned.
- Low (Dynamic) - HTML5: Overly Permissive CORS Policy:
https://iwa.onfortify.com:443/api/v3/products?limit=
Summary:
A resource on the target website has been found to be shared across websites using CORS with an open access control policy.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
Summary:
A resource on the target domain has been found to be shared using CORS. The Access-Control-Allow-Methods header, as reflected in the preflight response for the requested resource, indicates that it allows unsafe HTTP methods. An attacker can use HTTP methods such as PUT or DELETE to make unexpected modifications to shared resource and pose a security threat to the overall site security. A user agent rejects any request for this resource with an HTTP method other than the ones that are listed in the Access-Control-Allow-Methods response header.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. Therefore, execution and incorporation of remote methods and functions hosted on domains outside of the current domain are effectively prohibited. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
- Low (Dynamic) - HTML5: Overly Permissive CORS Policy:
https://iwa.onfortify.com:443/api/
Summary:
A resource on the target website has been found to be shared across websites using CORS with an open access control policy.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
Summary:
A resource on the target domain has been found to be shared using CORS. The Access-Control-Allow-Methods header, as reflected in the preflight response for the requested resource, indicates that it allows unsafe HTTP methods. An attacker can use HTTP methods such as PUT or DELETE to make unexpected modifications to shared resource and pose a security threat to the overall site security. A user agent rejects any request for this resource with an HTTP method other than the ones that are listed in the Access-Control-Allow-Methods response header.
Cross-Origin Resource Sharing, commonly referred to as CORS, is a technology that allows a domain to define a policy for its resources to be accessed by a web page hosted on a different domain using cross domain XML HTTP Requests (XHR). Historically, the browser restricts cross domain XHR requests to abide by the same origin policy. At its basic form, the same origin policy sets the script execution scope to the resources available on the current domain and prohibits any communication to domains outside this scope. Therefore, execution and incorporation of remote methods and functions hosted on domains outside of the current domain are effectively prohibited. While CORS is supported on all major browsers, it also requires that the domain correctly defines the CORS policy in order to have its resources shared with another domain. These restrictions are managed by access policies typically included in specialized response headers, such as:
- Access-Control-Allow-Origin
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
- Low (Dynamic) - Web Server Misconfiguration: Server Error Message:
https://iwa.onfortify.com:443/products?keywords=%25%7b(%23attr%5b%27com.opensymphony.xwork2.util.ValueStack.ValueStack%27%5d.context%5b%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27%5d.getWriter().printf(%27WI_FP%3a%27%2c0).printf(%2780360f89%27%2c1).printf(%27%3aCVE20190230%27%2c2).flush())%7d
Summary: A server error response was detected. The server could be experiencing errors due to a misbehaving application, a misconfiguration, or a malicious value sent during the auditing process. While error responses in and of themselves are not dangerous, per se, the error responses give attackers insight into how the application handles error conditions. Errors that can be remotely triggered by an attacker can also potentially lead to a denial of service attack or other more severe vulnerability. Recommendations include designing and adding consistent error handling mechanisms which are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/css/star-rating-theme.min.css
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Web Server Misconfiguration: Insecure Content-Type Setting:
https://iwa.onfortify.com:443/api/v3/products?limit=
Summary:
The Content-Type HTTP response header or the HTML meta tag provides a mechanism for the server to specify an appropriate character encoding for the response content to be rendered in the web browser. Proper specification of the character encoding through the charset parameter in the Content-Type field reduces the likelihood of misinterpretation of the characters in the response content and ensure reliable rendering of the web page.
Failure to ensure enforcement of the desired character encoding could result in client-side attacks like Cross-Site Scripting.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/products
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/prescriptions
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/services
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/advice
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/cart
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/login
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/user/register
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/products/eec467c8-5de9-4c7c-8541-7b31614d31a0
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/products/74b87e87-0d77-422c-baaa-622498a84328
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/products/6bbbeb10-6709-4163-a790-f691b09d6aca
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/prescriptions/
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/products/
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Privacy Violation: Autocomplete:
https://iwa.onfortify.com:443/services/
Summary: Most recent browsers have features that will save form field content entered by users and then automatically complete form entry the next time the fields are encountered. This feature is enabled by default and could leak sensitive information since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your forms.
- Best Practice (Dynamic) - Compliance Failure: Missing Privacy Policy:
https://iwa.onfortify.com:443/
Summary: A Privacy Policy was not supplied by the web application within the scope of this audit. Many legislative initiatives require that organizations place a publicly accessible document within their web application that defines their information privacy policy. As a general rule, these information privacy policies must detail what information an organization collects, the purpose for collecting it, potential avenues of disclosure, and any methods of addressing potential grievances. Various laws governing privacy policies include the Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act (HIPAA), the California Online Privacy Protection Act of 2003, European Union's Data Protection Directive and others.
- Info (Dynamic) - Web Server Misconfiguration: Weak Authentication:
https://iwa.onfortify.com:443/api/content/
Summary: The web server sent a 401 "Authorization Required" status code with a response that did not contain a WWW-Authenticate HTTP header. This means the server is asking for authentication, but the browser is not prompting for authentication because of the missing WWW-Authenticate header. Recommendations include reviewing the web pages to determine if they should be protected via authentication, and correct the web server or application configuration to correct the problem by setting the 401 "Authorization Required" status code or by removing the WWW-Authenticate header.
- Info (Dynamic) - Web Server Misconfiguration: OPTIONS HTTP Method:
https://iwa.onfortify.com:443/
Summary: The server supports the OPTIONS HTTP method. The OPTIONS method is used to determine what other methods the server supports for a given URI/resource.
- Info (Dynamic) - HTML5: Missing Content Security Policy:
https://iwa.onfortify.com:443/
Summary: Content Security Policy (CSP) is an HTTP response security header that developers and security architects can leverage to create an allow list of domains from which the site is allowed to load resources. This header provides an in-depth security protection from critical vulnerabilities such as cross-site scripting and clickjacking. Additionally, CSP restricts execution of inline JavaScript, dynamic JavaScript code evaluation from strings, and framing of the site from external domains. While CSP is not a replacement for input validation, it can help to significantly reduce the risk of XSS from unknown weaknesses. The CSP frame-ancestors directive is equivalent to X-Frame-Options and restricts the domain that are allowed to frame the site’s content.
- Info (Dynamic) - Hidden Field:
https://iwa.onfortify.com:443/login
Summary: While preventing display of information on the web page itself, the information submitted via hidden form fields is easily accessible, and could give an attacker valuable information that would prove helpful in escalating his attack methodology. Recommendations include not relying on hidden form fields as a security solution for any area of the web application that contains sensitive information or access to privileged functionality such as remote site administration functionality.
- Info (Dynamic) - Hidden Field:
https://iwa.onfortify.com:443/user/register
Summary: While preventing display of information on the web page itself, the information submitted via hidden form fields is easily accessible, and could give an attacker valuable information that would prove helpful in escalating his attack methodology. Recommendations include not relying on hidden form fields as a security solution for any area of the web application that contains sensitive information or access to privileged functionality such as remote site administration functionality.
- Info (Dynamic) - HLI: Detected Libraries:
https://iwa.onfortify.com:443/prescriptions
Summary:
Hacker Level Insights provides developers and security professionals with more context relating to the overall security posture of their application. The Bootstrap version 4.5.3 was detected to be in use by during this scan. While these findings do not necessarily represent a security vulnerability, it is important to note that attackers commonly perform reconnaissance of their target in an attempt to identify known weaknesses or patterns. Knowing what the hacker can see provides context which can help teams better secure their applications.
- Info (Dynamic) - HLI: Detected Libraries:
https://iwa.onfortify.com:443/prescriptions
Summary:
Hacker Level Insights provides developers and security professionals with more context relating to the overall security posture of their application. The jQuery version 3.5.1 was detected to be in use by during this scan. While these findings do not necessarily represent a security vulnerability, it is important to note that attackers commonly perform reconnaissance of their target in an attempt to identify known weaknesses or patterns. Knowing what the hacker can see provides context which can help teams better secure their applications.
- Info (Dynamic) - HLI: Detected Libraries:
https://iwa.onfortify.com:443/prescriptions
Summary:
Hacker Level Insights provides developers and security professionals with more context relating to the overall security posture of their application. The Moment.js version 2.29.1 was detected to be in use by during this scan. While these findings do not necessarily represent a security vulnerability, it is important to note that attackers commonly perform reconnaissance of their target in an attempt to identify known weaknesses or patterns. Knowing what the hacker can see provides context which can help teams better secure their applications.
<style>
.cvc-grid {width:100%;}
.cvc-box {border-radius: 15px; border: 2px solid #1a75ff; width: 100%; padding: 10px;}
.cvc-cat {position: relative; display: inline-block; border-bottom: 1px dotted black;}
.cvc-cat .nvd-tooltip {visibility: hidden; width: 400px; background-color: #3b96ff; color: #fff; text-align: left; border-radius: 6px; padding: 5px; position: absolute; z-index: 1;}
.cvc-cat:hover .nvd-tooltip {visibility: visible;}
.score-box{color:#000!important;background-color:#f1f1f1!important;width:75%;border-radius:8px}
.score-box div {border-radius:8px}
.score-box div div{padding-left: 10px; font-weight: bold;}
.score-box > div:after,.score-box > div:before {content:""; display:table;clear:both}
.sb-good{color:#fff!important;background-color:#87e547!important}
.sb-warn{color:#fff!important;background-color:#fbc02d!important}
.sb-bad{color:#fff!important;background-color:#ff8686!important}
.nvd-tooltip:before{content:"The National Vulnerability Database (NVD) helps Fortify WebInspect HLI analysis to find information for CVEs including a brief summary by using Common Platform Enumeration(CPE) queries. The database is maintained by the National Institute of Standards and Technology (NIST)."}
</style>
VULNERABILITY: | FOUND VERSION: | FIXED VERSION: | SEVERITY: |
CVE-2022-24785 | 2.29.1 | 2.29.2 | High |
VULNERABILITY: | FOUND VERSION: | FIXED VERSION: | SEVERITY: |
CVE-2022-31129 | 2.29.1 | 2.29.4 | High |
- No removed issues were detected