Most common Medium Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Absence of Anti-CSRF Tokens | Medium | 18.60 |
Content Security Policy (CSP) Header Not Set | Medium | 5.10 |
Missing Anti-clickjacking Header | Medium | 1.77 |
Cross-Domain Misconfiguration | Medium | 1.53 |
CSP: Wildcard Directive | Medium | 1.10 |
Most common Low Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Strict-Transport-Security Header Not Set | Low | 10.39 |
X-Content-Type-Options Header Missing | Low | 8.06 |
Cross-Domain JavaScript Source File Inclusion | Low | 3.98 |
Cookie without SameSite Attribute | Low | 2.63 |
Cookie No HttpOnly Flag | Low | 2.13 |
Most common Info Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Information Disclosure - Suspicious Comments | Informational | 16.93 |
Retrieved from Cache | Informational | 5.56 |
Re-examine Cache-control Directives | Informational | 5.51 |
User Controllable HTML Element Attribute (Potential XSS) | Informational | 4.82 |
User Agent Fuzzer | Informational | 2.38 |