10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/robots.txt <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/robots.txt <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/robots.txt <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/sitemap.xml <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/sitemap.xml <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/sitemap.xml <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/ <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/ <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/ <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/home.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/home.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/home.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/about.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/about.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/about.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/login.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10012 Password Autocomplete in browser 1 2 Low (Medium) <p>AUTOCOMPLETE attribute is not disabled in HTML FORM/INPUT element containing password type input. Passwords may be stored in browsers and retrieved.</p> http://localhost:8080/bodgeit/login.jsp input <input id="password" name="password" type="password"> <p>Turn off AUTOCOMPLETE attribute in form or individual input elements containing password by using AUTOCOMPLETE='OFF'</p> <p>http://msdn.microsoft.com/library/default.asp?url=/workshop/author/forms/autocomplete_ovr.asp</p> 525 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/login.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/login.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=2 b_id=2 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/basket.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/basket.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/basket.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/search.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/search.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/search.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=6 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=6 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=6 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=5 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=5 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=5 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=3 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=3 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=3 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=2 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=2 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=2 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=7 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=7 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=7 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=4 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=4 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=4 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?typeid=1 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?typeid=1 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?typeid=1 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=21 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=21 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=21 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/contact.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/contact.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/contact.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=7 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=7 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=7 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=14 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=14 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=14 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=28 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=28 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=28 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=22 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=22 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=22 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=23 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=23 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=23 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=30 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=30 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=30 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=25 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=25 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=25 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=1 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=1 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=1 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=19 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=19 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=19 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=9 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=9 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=9 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=10 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=10 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=10 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=2 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=2 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=2 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=18 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=18 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=18 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/style.css <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/style.css <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/style.css <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=8 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=8 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=8 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/score.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/score.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/score.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/js/util.js <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/js/util.js <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/js/util.js <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/register.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10012 Password Autocomplete in browser 1 2 Low (Medium) <p>AUTOCOMPLETE attribute is not disabled in HTML FORM/INPUT element containing password type input. Passwords may be stored in browsers and retrieved.</p> http://localhost:8080/bodgeit/register.jsp input <input id="password1" name="password1" type="password"> <p>Turn off AUTOCOMPLETE attribute in form or individual input elements containing password by using AUTOCOMPLETE='OFF'</p> <p>http://msdn.microsoft.com/library/default.asp?url=/workshop/author/forms/autocomplete_ovr.asp</p> 525 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/register.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/register.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=3 b_id=3 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/advanced.jsp <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/advanced.jsp <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/advanced.jsp <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/search.jsp?q=ZAP <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/search.jsp?q=ZAP <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/search.jsp?q=ZAP <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=26 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=26 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=26 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=27 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=27 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=27 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=11 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=11 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=11 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=24 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=24 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=24 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=13 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=13 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=13 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=12 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=12 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=12 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=15 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=15 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=15 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=16 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=16 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=16 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=4 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=4 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=4 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=5 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=5 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=5 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=29 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=29 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=29 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=6 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=6 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=6 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=31 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=31 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=31 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=32 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=32 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=32 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=17 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=17 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=17 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=20 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=20 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=20 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/product.jsp?prodid=3 <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/product.jsp?prodid=3 <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/product.jsp?prodid=3 <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.9742422922710258&comments&null <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.9742422922710258&comments&null <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.9742422922710258&comments&null <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=4 b_id=4 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=5 b_id=5 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=6 b_id=6 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=7 b_id=7 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=8 b_id=8 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=9 b_id=9 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=10 b_id=10 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=11 b_id=11 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=13 b_id=13 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=15 b_id=15 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=17 b_id=17 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=18 b_id=18 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 90022 Application Error Disclosure 2 2 Medium (Medium) <p>This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.</p> http://localhost:8080/bodgeit/advanced.jsp N/A HTTP 500 Internal server error <p>Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.</p> <p></p> 200 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=19 b_id=19 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=20 b_id=20 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=21 b_id=21 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=22 b_id=22 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=23 b_id=23 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=25 b_id=25 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=26 b_id=26 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=27 b_id=27 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=29 b_id=29 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=30 b_id=30 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=31 b_id=31 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=32 b_id=32 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=33 b_id=33 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.09151564326670625&comments&null <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.09151564326670625&comments&null <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.09151564326670625&comments&null <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=35 b_id=35 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=36 b_id=36 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=38 b_id=38 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=39 b_id=39 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=40 b_id=40 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=41 b_id=41 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=42 b_id=42 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=43 b_id=43 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=44 b_id=44 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=45 b_id=45 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=46 b_id=46 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=47 b_id=47 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=48 b_id=48 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=49 b_id=49 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=50 b_id=50 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=51 b_id=51 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=52 b_id=52 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=53 b_id=53 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=54 b_id=54 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=55 b_id=55 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=56 b_id=56 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=57 b_id=57 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 10016 Web Browser XSS Protection Not Enabled 1 2 Low (Medium) <p>Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.34451366232336433&comments&null <p>Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.</p> <p>The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it: </p><p>X-XSS-Protection: 1; mode=block</p><p>X-XSS-Protection: 1; report=http://www.example.com/xss</p><p>The following values would disable it:</p><p>X-XSS-Protection: 0</p><p>The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).</p><p>Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).</p> <p>https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</p><p>https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/</p> 933 14 10021 X-Content-Type-Options Header Missing 1 2 Low (Medium) <p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.34451366232336433&comments&null <p>Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.</p><p>If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.</p> <p>This issue still applies to error type pages (401, 403, 500, etc) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.</p><p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx</p><p>https://www.owasp.org/index.php/List_of_useful_HTTP_headers</p> 15 10020 X-Frame-Options Header Not Set 2 2 Medium (Medium) <p>X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks.</p> http://localhost:8080/bodgeit/contact.jsp?anticsrf=0.34451366232336433&comments&null <p>Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers).</p> <p>At "High" threshold this scanner will not alert on client or server error responses.</p> <p>http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx</p> 10010 Cookie set without HttpOnly flag 1 2 Low (Medium) <p>A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.</p> http://localhost:8080/bodgeit/basket.jsp b_id=58 b_id=58 <p>Ensure that the HttpOnly flag is set for all cookies.</p> <p>www.owasp.org/index.php/HttpOnly</p> 13 40012 Cross Site Scripting (Reflected) 3 2 High (Medium) <p>Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.</p><p>When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.</p><p></p><p>There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.</p><p>Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.</p><p>Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.</p> http://localhost:8080/bodgeit/search.jsp?q=%3C%2Ffont%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E%3Cfont%3E q </font><script>alert(1);</script><font> </font><script>alert(1);</script><font> <p>Phase: Architecture and Design</p><p>Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.</p><p>Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.</p><p></p><p>Phases: Implementation; Architecture and Design</p><p>Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.</p><p>For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.</p><p>Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.</p><p></p><p>Phase: Architecture and Design</p><p>For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.</p><p></p><p>If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.</p><p></p><p>Phase: Implementation</p><p>For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.</p><p></p><p>To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.</p><p></p><p>Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a whitelist of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a blacklist). However, blacklists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.</p><p></p><p>When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."</p><p></p><p>Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.</p> <p>http://projects.webappsec.org/Cross-Site-Scripting</p><p>http://cwe.mitre.org/data/definitions/79.html</p> 79 8 40018 SQL Injection 3 2 High (Medium) <p>SQL injection may be possible.</p> http://localhost:8080/bodgeit/basket.jsp productid 5-2 <p>Do not trust client side input, even if there is client side validation in place. </p><p>In general, type check all data on the server side.</p><p>If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'</p><p>If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.</p><p>If database Stored Procedures can be used, use them.</p><p>Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!</p><p>Do not create dynamic SQL queries using simple string concatenation.</p><p>Escape all data received from the client.</p><p>Apply a 'whitelist' of allowed characters, or a 'blacklist' of disallowed characters in user input.</p><p>Apply the principle of least privilege by using the least privileged database user possible.</p><p>In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.</p><p>Grant the minimum database access that is necessary for the application.</p> <p>The original page results were successfully replicated using the expression [5-2] as the parameter value</p><p>The parameter value being modified was NOT stripped from the HTML output for the purposes of the comparison</p> <p>https://www.owasp.org/index.php/Top_10_2010-A1</p><p>https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet</p> 89 19 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/advanced.jsp product POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2143 Referer: http://localhost:8080/bodgeit/advanced.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/advanced.jsp price POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2143 Referer: http://localhost:8080/bodgeit/advanced.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/advanced.jsp description POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2143 Referer: http://localhost:8080/bodgeit/advanced.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2131 Referer: http://localhost:8080/bodgeit/product.jsp?prodid=3 Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/advanced.jsp type POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2143 Referer: http://localhost:8080/bodgeit/advanced.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/advanced.jsp q POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2102 Referer: http://localhost:8080/bodgeit/advanced.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_7 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2132 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_21 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_14 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_28 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_22 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_23 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_30 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_1 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_19 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_25 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_9 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_2 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_18 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_10 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2146 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_8 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2132 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_26 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_27 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_11 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_24 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_13 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2147 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_12 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2147 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_15 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_16 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_29 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_31 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_32 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2133 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30001 Buffer Overflow 2 2 Medium (Medium) <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way. </p> http://localhost:8080/bodgeit/basket.jsp quantity_3 POST http://localhost:8080/bodgeit/basket.jsp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Content-Length: 2132 Referer: http://localhost:8080/bodgeit/basket.jsp Host: localhost:8080 <p>Rewrite the background program using proper return length checking. This will require a recompile of the background executable.</p> <p>Potential Buffer Overflow. The script closed the connection and threw a 500 Internal Server Error</p> <p>https://www.owasp.org/index.php/Buffer_overflow_attack</p> 120 7 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/advanced.jsp product ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/advanced.jsp price ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/advanced.jsp description ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/advanced.jsp type ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/advanced.jsp q ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_7 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_21 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_14 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_28 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_22 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_30 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_23 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_1 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_19 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_25 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_9 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_18 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_2 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_10 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_26 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_8 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_11 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_27 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_24 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_13 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_12 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_15 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_16 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_29 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_31 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_32 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6 30002 Format String Error 2 2 Medium (Medium) <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application. </p> http://localhost:8080/bodgeit/basket.jsp quantity_3 ZAP <p>Rewrite the background program using proper deletion of bad character strings. This will require a recompile of the background executable.</p> <p>Potential Format String Error. The script closed the connection on a /%s</p> <p>https://www.owasp.org/index.php/Format_string_attack</p> 134 6