Nicholas Mucks 2024-07-21 16:04:16 -07:00
parent 58d325f751
commit 07c5931745
2 changed files with 140 additions and 96 deletions


@ -1,3 +1,5 @@
version: '3'
services:
petclinic:
build:
@ -33,6 +35,16 @@ services:
depends_on:
- prometheus
zap:
image: ghcr.io/zaproxy/zaproxy:stable
command: zap-baseline.py -t http://petclinic:8080 -g gen.conf -r zap-report.html
volumes:
- ./zap-report:/zap/wrk:rw
networks:
- custom-network
depends_on:
- petclinic
volumes:
prometheus_data:
grafana_data:
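Review bot: The new `zap` service uses the floating tag `ghcr.io/zaproxy/zaproxy:stable`, so the scanner version and its passive rules can change between runs and successive reports stop being comparable; pin it, e.g. `image: ghcr.io/zaproxy/zaproxy:<release-tag>@sha256:<digest>` (placeholders, take the real values from the registry). `depends_on: - petclinic` only orders container start and does not wait for the application to answer on port 8080, so the baseline scan may begin before the target is ready; a healthcheck on `petclinic` combined with `condition: service_healthy` would close that gap, though the `petclinic` definition lies mostly outside this hunk. As written the scanner also starts on every `docker compose up`, so consider `profiles: ["scan"]` on the service to make the scan opt-in. The bind mount `./zap-report:/zap/wrk:rw` has to be writable by the user the ZAP container runs as (presumably non-root), otherwise the `-r` and `-g` outputs cannot be written; a short comment above the `volumes:` entry saying so would help.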


@ -122,12 +122,12 @@ td {
<h2>
Site: http://localhost:8080
Site: http://petclinic:8080
</h2>
<h3>
Generated on Sun, 21 Jul 2024 03:17:02
Generated on Sun, 21 Jul 2024 23:02:25
</h3>
<h3>
@ -245,7 +245,7 @@ td {
<tr>
<td><a href="#10021">X-Content-Type-Options Header Missing</a></td>
<td align="center" class="risk-1">Low</td>
<td align="center">11</td>
<td align="center">12</td>
</tr>
<tr>
<td><a href="#10027">Information Disclosure - Suspicious Comments</a></td>
@ -313,7 +313,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -345,7 +345,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -376,7 +376,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -408,7 +408,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -537,7 +537,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -568,7 +568,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -599,7 +599,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -630,7 +630,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -661,7 +661,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -692,7 +692,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html">http://localhost:8080/vets.html</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -723,7 +723,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=1">http://localhost:8080/vets.html?page=1</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=1">http://petclinic:8080/vets.html?page=1</a></td>
</tr>
<tr>
<td width="20%"
@ -754,7 +754,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=2">http://localhost:8080/vets.html?page=2</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=2">http://petclinic:8080/vets.html?page=2</a></td>
</tr>
<tr>
<td width="20%"
@ -785,7 +785,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -887,7 +887,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -918,7 +918,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -949,7 +949,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -980,7 +980,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -1011,7 +1011,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -1042,7 +1042,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html">http://localhost:8080/vets.html</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -1073,7 +1073,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=1">http://localhost:8080/vets.html?page=1</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=1">http://petclinic:8080/vets.html?page=1</a></td>
</tr>
<tr>
<td width="20%"
@ -1104,7 +1104,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=2">http://localhost:8080/vets.html?page=2</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=2">http://petclinic:8080/vets.html?page=2</a></td>
</tr>
<tr>
<td width="20%"
@ -1135,7 +1135,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -1222,7 +1222,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -1253,7 +1253,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -1284,7 +1284,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -1315,7 +1315,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -1346,7 +1346,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -1377,7 +1377,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -1408,7 +1408,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -1439,7 +1439,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -1470,7 +1470,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -1501,7 +1501,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -1585,7 +1585,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/oups">http://localhost:8080/oups</a></td>
<td width="80%"><a href="http://petclinic:8080/oups">http://petclinic:8080/oups</a></td>
</tr>
<tr>
<td width="20%"
@ -1666,7 +1666,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -1697,7 +1697,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -1728,7 +1728,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -1759,7 +1759,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -1790,7 +1790,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -1821,7 +1821,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -1852,7 +1852,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -1883,7 +1883,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -1914,7 +1914,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -1945,7 +1945,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -1976,7 +1976,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -2007,7 +2007,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -2088,7 +2088,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/oups">http://localhost:8080/oups</a></td>
<td width="80%"><a href="http://petclinic:8080/oups">http://petclinic:8080/oups</a></td>
</tr>
<tr>
<td width="20%"
@ -2169,7 +2169,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -2200,7 +2200,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -2231,7 +2231,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -2262,7 +2262,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -2293,7 +2293,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -2324,7 +2324,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html">http://localhost:8080/vets.html</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -2355,7 +2355,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=1">http://localhost:8080/vets.html?page=1</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=1">http://petclinic:8080/vets.html?page=1</a></td>
</tr>
<tr>
<td width="20%"
@ -2386,7 +2386,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/vets.html?page=2">http://localhost:8080/vets.html?page=2</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html?page=2">http://petclinic:8080/vets.html?page=2</a></td>
</tr>
<tr>
<td width="20%"
@ -2417,7 +2417,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
<td width="80%"><a href="http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
</tr>
<tr>
<td width="20%"
@ -2448,7 +2448,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -2544,7 +2544,7 @@ td {
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -2576,7 +2576,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -2608,7 +2608,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -2640,7 +2640,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -2672,7 +2672,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -2704,7 +2704,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/css/petclinic.css">http://localhost:8080/resources/css/petclinic.css</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/css/petclinic.css">http://petclinic:8080/resources/css/petclinic.css</a></td>
</tr>
<tr>
<td width="20%"
@ -2736,7 +2736,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/favicon.png">http://localhost:8080/resources/images/favicon.png</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/favicon.png">http://petclinic:8080/resources/images/favicon.png</a></td>
</tr>
<tr>
<td width="20%"
@ -2768,7 +2768,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/pets.png">http://localhost:8080/resources/images/pets.png</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/pets.png">http://petclinic:8080/resources/images/pets.png</a></td>
</tr>
<tr>
<td width="20%"
@ -2800,7 +2800,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/spring-logo.svg">http://localhost:8080/resources/images/spring-logo.svg</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/spring-logo.svg">http://petclinic:8080/resources/images/spring-logo.svg</a></td>
</tr>
<tr>
<td width="20%"
@ -2832,7 +2832,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
<td width="80%"><a href="http://petclinic:8080/vets.html">http://petclinic:8080/vets.html</a></td>
</tr>
<tr>
<td width="20%"
@ -2864,7 +2864,39 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css">http://localhost:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css</a></td>
<td width="80%"><a href="http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
</tr>
<tr>
<td width="20%"
class="indent2">Method</td>
<td width="80%">GET</td>
</tr>
<tr>
<td width="20%"
class="indent2">Parameter</td>
<td width="80%">x-content-type-options</td>
</tr>
<tr>
<td width="20%"
class="indent2">Attack</td>
<td width="80%"></td>
</tr>
<tr>
<td width="20%"
class="indent2">Evidence</td>
<td width="80%"></td>
</tr>
<tr>
<td width="20%"
class="indent2">Other Info</td>
<td width="80%">This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.
At &quot;High&quot; threshold this scan rule will not alert on client or server error responses.</td>
</tr>
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://petclinic:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css">http://petclinic:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css</a></td>
</tr>
<tr>
<td width="20%"
@ -2895,7 +2927,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%">Instances</td>
<td width="80%">11</td>
<td width="80%">12</td>
</tr>
<tr>
<td width="20%">Solution</td>
@ -2955,7 +2987,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://localhost:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
<td width="80%"><a href="http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js">http://petclinic:8080/webjars/bootstrap/5.3.3/dist/js/bootstrap.bundle.min.js</a></td>
</tr>
<tr>
<td width="20%"
@ -3036,7 +3068,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/oups">http://localhost:8080/oups</a></td>
<td width="80%"><a href="http://petclinic:8080/oups">http://petclinic:8080/oups</a></td>
</tr>
<tr>
<td width="20%"
@ -3159,7 +3191,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080">http://localhost:8080</a></td>
<td width="80%"><a href="http://petclinic:8080">http://petclinic:8080</a></td>
</tr>
<tr>
<td width="20%"
@ -3190,7 +3222,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/">http://localhost:8080/</a></td>
<td width="80%"><a href="http://petclinic:8080/">http://petclinic:8080/</a></td>
</tr>
<tr>
<td width="20%"
@ -3221,7 +3253,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/find">http://localhost:8080/owners/find</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/find">http://petclinic:8080/owners/find</a></td>
</tr>
<tr>
<td width="20%"
@ -3252,7 +3284,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/css/petclinic.css">http://localhost:8080/resources/css/petclinic.css</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/css/petclinic.css">http://petclinic:8080/resources/css/petclinic.css</a></td>
</tr>
<tr>
<td width="20%"
@ -3283,7 +3315,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/favicon.png">http://localhost:8080/resources/images/favicon.png</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/favicon.png">http://petclinic:8080/resources/images/favicon.png</a></td>
</tr>
<tr>
<td width="20%"
@ -3314,7 +3346,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/pets.png">http://localhost:8080/resources/images/pets.png</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/pets.png">http://petclinic:8080/resources/images/pets.png</a></td>
</tr>
<tr>
<td width="20%"
@ -3345,7 +3377,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/resources/images/spring-logo.svg">http://localhost:8080/resources/images/spring-logo.svg</a></td>
<td width="80%"><a href="http://petclinic:8080/resources/images/spring-logo.svg">http://petclinic:8080/resources/images/spring-logo.svg</a></td>
</tr>
<tr>
<td width="20%"
@ -3376,7 +3408,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/robots.txt">http://localhost:8080/robots.txt</a></td>
<td width="80%"><a href="http://petclinic:8080/robots.txt">http://petclinic:8080/robots.txt</a></td>
</tr>
<tr>
<td width="20%"
@ -3407,7 +3439,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/sitemap.xml">http://localhost:8080/sitemap.xml</a></td>
<td width="80%"><a href="http://petclinic:8080/sitemap.xml">http://petclinic:8080/sitemap.xml</a></td>
</tr>
<tr>
<td width="20%"
@ -3438,7 +3470,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css">http://localhost:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css</a></td>
<td width="80%"><a href="http://petclinic:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css">http://petclinic:8080/webjars/font-awesome/4.7.0/css/font-awesome.min.css</a></td>
</tr>
<tr>
<td width="20%"
@ -3540,7 +3572,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners?lastName=ZAP">http://localhost:8080/owners?lastName=ZAP</a></td>
<td width="80%"><a href="http://petclinic:8080/owners?lastName=ZAP">http://petclinic:8080/owners?lastName=ZAP</a></td>
</tr>
<tr>
<td width="20%"
@ -3567,7 +3599,7 @@ At &quot;High&quot; threshold this scan rule will not alert on client or server
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners?lastName=ZAP
http://petclinic:8080/owners?lastName=ZAP
appears to include user input in:
@ -3583,7 +3615,7 @@ zap</td>
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -3610,7 +3642,7 @@ zap</td>
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners/new
http://petclinic:8080/owners/new
appears to include user input in:
@ -3626,7 +3658,7 @@ The user-controlled value was:
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -3653,7 +3685,7 @@ The user-controlled value was:
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners/new
http://petclinic:8080/owners/new
appears to include user input in:
@ -3669,7 +3701,7 @@ east romaineburgh</td>
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -3696,7 +3728,7 @@ east romaineburgh</td>
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners/new
http://petclinic:8080/owners/new
appears to include user input in:
@ -3712,7 +3744,7 @@ zap</td>
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -3739,7 +3771,7 @@ zap</td>
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners/new
http://petclinic:8080/owners/new
appears to include user input in:
@ -3755,7 +3787,7 @@ zap</td>
<tr>
<td width="20%"
class="indent1">URL</td>
<td width="80%"><a href="http://localhost:8080/owners/new">http://localhost:8080/owners/new</a></td>
<td width="80%"><a href="http://petclinic:8080/owners/new">http://petclinic:8080/owners/new</a></td>
</tr>
<tr>
<td width="20%"
@ -3782,7 +3814,7 @@ zap</td>
class="indent2">Other Info</td>
<td width="80%">User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL:
http://localhost:8080/owners/new
http://petclinic:8080/owners/new
appears to include user input in: