Skip to content

Navigation Menu

Explore
By size
By industry
By use case
Topics
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search syntax tips

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

deegree / deegree3 Public

Notifications You must be signed in to change notification settings
Fork 98
Star 144

Code
Issues 233
Pull requests 14
Actions
Projects 1
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Findings from ZAP Penetration Test of deegree Console #1615

Open

16 tasks

PaulJade opened this issue Dec 1, 2023 · 0 comments

Open

16 tasks

Findings from ZAP Penetration Test of deegree Console #1615

PaulJade opened this issue Dec 1, 2023 · 0 comments

Assignees

Labels

error issue and bug (fix)

deegree administration console

contributions welcome

asking for contribution (time and money sponsor)

Common Vulnerabilities and Exposures

to be discussed by technical management committee members

Projects

TMC board (public)

Comments

Copy link

PaulJade commented Dec 1, 2023 •

edited

Loading

Used Software: https://www.zaproxy.org/download/

Findings

PII Disclosure
Absence of Anti-CSRF Tokens
Content Security Policy (CSP) Header Not Set
Missing Anti-clickjacking Header
Pufferüberlauf
Session ID in URL Rewrite
Application Error Disclosure
Cookie without SameSite Attribute
Information Disclosure - Debug Error Messages
Referer Exposes Session ID
X-Content-Type-Options Header Missing
Information Disclosure - Suspicious Comments
Loosely Scoped Cookie
Modern Web Application
Session Management Response Identified
User Agent Fuzzer

The text was updated successfully, but these errors were encountered:

tfr42 added bug

error issue and bug (fix)

console

deegree administration console

CVE Common Vulnerabilities and Exposures labels

tfr42 added this to To do in TMC board (public) via automation

tfr42 added the TMC discussion to be discussed by technical management committee members label

tfr42 assigned PaulJade

tfr42 added the contributions welcome asking for contribution (time and money sponsor) label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug

error issue and bug (fix)

deegree administration console

contributions welcome

asking for contribution (time and money sponsor)

Common Vulnerabilities and Exposures

to be discussed by technical management committee members

2 participants

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.