ZAP Full Scan Report

- Site: [https://demo.virtocommerce.com](https://demo.virtocommerce.com) 
 	 **New Alerts** 
	- **User Agent Fuzzer** [10104] total: 20:  
		- [https://demo.virtocommerce.com/de-DE/themes/assets/shop.js](https://demo.virtocommerce.com/de-DE/themes/assets/shop.js) 
		- [https://demo.virtocommerce.com/en-US/themes/assets/static/bundle/styles.css?v=-j3qp9fH1MFJ3fTCy_1L6cVeqFtMUOELAcIarKl43XE](https://demo.virtocommerce.com/en-US/themes/assets/static/bundle/styles.css?v=-j3qp9fH1MFJ3fTCy_1L6cVeqFtMUOELAcIarKl43XE) 
		- [https://demo.virtocommerce.com/de-DE/camcorders/consumer-camcorders](https://demo.virtocommerce.com/de-DE/camcorders/consumer-camcorders) 
		- [https://demo.virtocommerce.com/de-DE/home-theater](https://demo.virtocommerce.com/de-DE/home-theater) 
		- [https://demo.virtocommerce.com/de-DE/account/register](https://demo.virtocommerce.com/de-DE/account/register) 
		- .. 
	- **Cookie Without Secure Flag** [10011] total: 8:  
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- .. 
	- **Cookie Slack Detector** [90027] total: 20:  
		- [https://demo.virtocommerce.com/en-US/camcorders](https://demo.virtocommerce.com/en-US/camcorders) 
		- [https://demo.virtocommerce.com/fr-FR/themes](https://demo.virtocommerce.com/fr-FR/themes) 
		- [https://demo.virtocommerce.com/de-DE/camcorders/aerial-imaging-drones](https://demo.virtocommerce.com/de-DE/camcorders/aerial-imaging-drones) 
		- [https://demo.virtocommerce.com/en-US/blogs/news](https://demo.virtocommerce.com/en-US/blogs/news) 
		- [https://demo.virtocommerce.com/de-DE](https://demo.virtocommerce.com/de-DE) 
		- .. 
	- **Cross-Domain JavaScript Source File Inclusion** [10017] total: 11:  
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- .. 
	- **Proxy Disclosure** [40025] total: 20:  
		- [https://demo.virtocommerce.com/lib](https://demo.virtocommerce.com/lib) 
		- [https://demo.virtocommerce.com/fr-FR/account/register](https://demo.virtocommerce.com/fr-FR/account/register) 
		- [https://demo.virtocommerce.com/en-US/pages](https://demo.virtocommerce.com/en-US/pages) 
		- [https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css](https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css) 
		- [https://demo.virtocommerce.com/B2B-store/themes/assets/static/bundle/scripts.js?v=YelmA79VLghkOSKVRvwv6zsFMVjGXQp3Hi5FffVC-Vo](https://demo.virtocommerce.com/B2B-store/themes/assets/static/bundle/scripts.js?v=YelmA79VLghkOSKVRvwv6zsFMVjGXQp3Hi5FffVC-Vo) 
		- .. 
	- **Information Disclosure - Suspicious Comments** [10027] total: 20:  
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- .. 
	- **Trace.axd Information Leak** [40029] total: 3:  
		- [https://demo.virtocommerce.com/123/trace.axd](https://demo.virtocommerce.com/123/trace.axd) 
		- [https://demo.virtocommerce.com/en-US/sitemap/trace.axd](https://demo.virtocommerce.com/en-US/sitemap/trace.axd) 
		- [https://demo.virtocommerce.com/Clothing/trace.axd](https://demo.virtocommerce.com/Clothing/trace.axd) 
	- **Non-Storable Content** [10049] total: 7:  
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/123/](https://demo.virtocommerce.com/123/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- .. 
	- **Application Error Disclosure** [90022] total: 12:  
		- [https://demo.virtocommerce.com/en-US/camcorders/consumer-camcorders](https://demo.virtocommerce.com/en-US/camcorders/consumer-camcorders) 
		- [https://demo.virtocommerce.com/en-US/camcorders](https://demo.virtocommerce.com/en-US/camcorders) 
		- [https://demo.virtocommerce.com/en-US/account/login](https://demo.virtocommerce.com/en-US/account/login) 
		- [https://demo.virtocommerce.com/en-US/cell-phones](https://demo.virtocommerce.com/en-US/cell-phones) 
		- [https://demo.virtocommerce.com/en-US/camcorders/aerial-imaging-drones](https://demo.virtocommerce.com/en-US/camcorders/aerial-imaging-drones) 
		- .. 
	- **Absence of Anti-CSRF Tokens** [10202] total: 9:  
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- .. 
	- **Modern Web Application** [10109] total: 11:  
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- [https://demo.virtocommerce.com/en-US/pages/about_us](https://demo.virtocommerce.com/en-US/pages/about_us) 
		- [https://demo.virtocommerce.com/en-US/contact](https://demo.virtocommerce.com/en-US/contact) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- .. 
	- **Reverse Tabnabbing** [10108] total: 5:  
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
	- **Sub Resource Integrity Attribute Missing** [90003] total: 12:  
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/en-US/cart](https://demo.virtocommerce.com/en-US/cart) 
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D](https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- .. 
	- **X-Content-Type-Options Header Missing** [10021] total: 11:  
		- [https://demo.virtocommerce.com/css/site.css](https://demo.virtocommerce.com/css/site.css) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css](https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css) 
		- [https://demo.virtocommerce.com/sitemap.xml](https://demo.virtocommerce.com/sitemap.xml) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- .. 
	- **Anti-CSRF Tokens Check** [20012] total: 13:  
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- .. 
	- **Cookie Slack Detector** [90027] total: 4:  
		- [https://demo.virtocommerce.com/en-US/account/logout](https://demo.virtocommerce.com/en-US/account/logout) 
		- [https://demo.virtocommerce.com/fr-FR/account/logout](https://demo.virtocommerce.com/fr-FR/account/logout) 
		- [https://demo.virtocommerce.com/B2B-store/account/logout](https://demo.virtocommerce.com/B2B-store/account/logout) 
		- [https://demo.virtocommerce.com/de-DE/account/logout](https://demo.virtocommerce.com/de-DE/account/logout) 
	- **Content Security Policy (CSP) Header Not Set** [10038] total: 11:  
		- [https://demo.virtocommerce.com/en-US/account/login](https://demo.virtocommerce.com/en-US/account/login) 
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- [https://demo.virtocommerce.com/123/](https://demo.virtocommerce.com/123/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- .. 
	- **Timestamp Disclosure - Unix** [10096] total: 12:  
		- [https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D](https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D) 
		- [https://demo.virtocommerce.com/en-US/themes/assets/ajaxify.scss.css](https://demo.virtocommerce.com/en-US/themes/assets/ajaxify.scss.css) 
		- [https://demo.virtocommerce.com/123/](https://demo.virtocommerce.com/123/) 
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- [https://demo.virtocommerce.com/en-US/themes/assets/respond-proxy.html](https://demo.virtocommerce.com/en-US/themes/assets/respond-proxy.html) 
		- .. 
	- **Incomplete or No Cache-control and Pragma HTTP Header Set** [10015] total: 11:  
		- [https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css](https://demo.virtocommerce.com/lib/bootstrap/dist/css/bootstrap.css) 
		- [https://demo.virtocommerce.com/en-US/sitemap/vendor.xml](https://demo.virtocommerce.com/en-US/sitemap/vendor.xml) 
		- [https://demo.virtocommerce.com/css/site.css](https://demo.virtocommerce.com/css/site.css) 
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- .. 
	- **Loosely Scoped Cookie** [90033] total: 3:  
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
	- **Storable and Cacheable Content** [10049] total: 3:  
		- [https://demo.virtocommerce.com/sitemap.xml](https://demo.virtocommerce.com/sitemap.xml) 
		- [https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D](https://demo.virtocommerce.com/en-US/%7B%7B%20product.url%20%7D%7D) 
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
	- **Feature Policy Header Not Set** [10063] total: 11:  
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/en-US/account/login](https://demo.virtocommerce.com/en-US/account/login) 
		- [https://demo.virtocommerce.com/en-US/cart](https://demo.virtocommerce.com/en-US/cart) 
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- .. 
	- **WSDL File Detection** [90030] total: 4:  
		- [https://demo.virtocommerce.com/sitemap.xml](https://demo.virtocommerce.com/sitemap.xml) 
		- [https://demo.virtocommerce.com/en-US/sitemap/blog.xml](https://demo.virtocommerce.com/en-US/sitemap/blog.xml) 
		- [https://demo.virtocommerce.com/en-US/sitemap/vendor.xml](https://demo.virtocommerce.com/en-US/sitemap/vendor.xml) 
		- [https://demo.virtocommerce.com/en-US/sitemap/catalog.xml](https://demo.virtocommerce.com/en-US/sitemap/catalog.xml) 
	- **Insufficient Site Isolation Against Spectre Vulnerability** [90004] total: 10:  
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/sitemap.xml](https://demo.virtocommerce.com/sitemap.xml) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- .. 
	- **Base64 Disclosure** [10094] total: 12:  
		- [https://demo.virtocommerce.com/123/](https://demo.virtocommerce.com/123/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- .. 
	- **Cookie No HttpOnly Flag** [10010] total: 7:  
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- .. 
	- **Strict-Transport-Security Header Not Set** [10035] total: 11:  
		- [https://demo.virtocommerce.com/robots.txt](https://demo.virtocommerce.com/robots.txt) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/B2B-store/](https://demo.virtocommerce.com/B2B-store/) 
		- .. 
	- **X-Frame-Options Header Not Set** [10020] total: 7:  
		- [https://demo.virtocommerce.com/Clothing/](https://demo.virtocommerce.com/Clothing/) 
		- [https://demo.virtocommerce.com/en-US/](https://demo.virtocommerce.com/en-US/) 
		- [https://demo.virtocommerce.com/de-DE/](https://demo.virtocommerce.com/de-DE/) 
		- [https://demo.virtocommerce.com/](https://demo.virtocommerce.com/) 
		- [https://demo.virtocommerce.com/fr-FR/](https://demo.virtocommerce.com/fr-FR/) 
		- .. 
	- **Storable but Non-Cacheable Content** [10049] total: 1:  
		- [https://demo.virtocommerce.com/en-US/common/setcurrency/XPT](https://demo.virtocommerce.com/en-US/common/setcurrency/XPT) 
	- **.env Information Leak** [40034] total: 3:  
		- [https://demo.virtocommerce.com/Clothing/.env](https://demo.virtocommerce.com/Clothing/.env) 
		- [https://demo.virtocommerce.com/en-US/sitemap/.env](https://demo.virtocommerce.com/en-US/sitemap/.env) 
		- [https://demo.virtocommerce.com/123/.env](https://demo.virtocommerce.com/123/.env) 
	- **Integer Overflow Error** [30003] total: 1:  
		- [https://demo.virtocommerce.com/B2B-store/bulkorder/addcsvitems](https://demo.virtocommerce.com/B2B-store/bulkorder/addcsvitems) 
	- **Dangerous JS Functions** [10110] total: 2:  
		- [https://demo.virtocommerce.com/lib/jquery/dist/jquery.js](https://demo.virtocommerce.com/lib/jquery/dist/jquery.js) 
		- [https://demo.virtocommerce.com/lib/bootstrap/dist/js/bootstrap.js](https://demo.virtocommerce.com/lib/bootstrap/dist/js/bootstrap.js) 



View the [following link](https://github.com/VirtoCommerce/vc-github-actions/actions/runs/500531486) to download the report.
RunnerID:500531486

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ZAP Full Scan Report #53

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

ZAP Full Scan Report #53

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions