Vulnerability Name Classifications Severity
Expect-CT Not Enabled CWE-16, ISO27001-A.14.1.2, WASC-15 Best Practice
Insecure Transportation Security Protocol Supported (TLS 1.1) PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Best Practice
Missing X-XSS-Protection Header CWE-16, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-15 Best Practice
Referrer-Policy Not Implemented CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Best Practice
SameSite Cookie Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
SameSite None Cookie Not Marked as Secure CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
Subresource Integrity (SRI) Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
.htaccess File Detected CWE-285, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
aah Go Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
AbanteCart Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
actionhero.js Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Adminer Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Administration Page Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
AEM Detected CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 Information
Ampache Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Angularjs Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Apache Coyote Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Module Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Shiro Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Apache Traffic Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Web Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apple’s App-Site Association (AASA) Detected ISO27001-A.18.1.3 Information
Artifactory DevOps Solution Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ASP.NET Debugging Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Information
ASP.NET Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ASP.NET MVC Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
AspNetSignalR Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Atlassian Confluence Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Atlassian Jira Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Atlassian Proxy Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ATutor Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Authorization Required ISO27001-A.9.4.1 Information
Autocomplete Enabled (Password Field) CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
AWStats Detected CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
Axios Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Axway SecureTransport Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
b2evolution Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Backbonejs Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Basic Authorization Required ISO27001-A.9.4.1 Information
BitNinja Captcha Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Bluebird Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Bomgar Remote Support Software Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Bootbox Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Bootstrap3DateTimePicker Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Bootstrapjs Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
BootstrapSelect Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
BootstrapTable Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
BootstrapToggle Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
BootstrapTypeahead Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Caddy Web Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
CakePHP Framework Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
CanvasJS Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
CDN Detected (Airee) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Akamai) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Arvan Cloud) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Azure CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (CDN77) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fastly) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fireblade) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Google Cloud CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Incapsula) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Instart) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (JsDelivr) CAPEC-224, CWE-200, WASC-45 Information
CDN Detected (KeyCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (MaxCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Netlify) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (PowerCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Qrator) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (StackPath) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Sucuri) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (West263) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Cdnjs Identified CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 Information
Chamilo Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Chartjs Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information