Most common High Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
SQL Injection - MySQL | High | 0.03 |
Most common Medium Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Absence of Anti-CSRF Tokens | Medium | 10.96 |
Cross-Domain Misconfiguration | Medium | 8.42 |
CSP: style-src unsafe-inline | Medium | 3.49 |
CSP: Wildcard Directive | Medium | 3.48 |
CSP: script-src unsafe-inline | Medium | 3.28 |
Most common Low Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Cross-Domain JavaScript Source File Inclusion | Low | 4.54 |
Strict-Transport-Security Multiple Header Entries (Non-compliant with Spec) | Low | 4.14 |
Strict-Transport-Security Header Not Set | Low | 3.97 |
Server Leaks Version Information via "Server" HTTP Response Header Field | Low | 1.76 |
Cookie No HttpOnly Flag | Low | 1.34 |
Most common Info Risk security issues in the last 30 days
Issue Type | Category | Percentage |
---|---|---|
Retrieved from Cache | Informational | 28.83 |
Information Disclosure - Suspicious Comments | Informational | 12.13 |
User Controllable HTML Element Attribute (Potential XSS) | Informational | 2.62 |
Re-examine Cache-control Directives | Informational | 1.80 |
Information Disclosure - Sensitive Information in URL | Informational | 0.15 |