| Vulnerability Name | Classifications | Severity |
| --- | --- | --- |
| Social Security Number Disclosure | PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Low |
| Windows Username Disclosure | PCI v3.2-6.5.5, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Low |
| phpinfo() Output Detected | CAPEC-346, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Low |
| Insecure Transportation Security Protocol Supported (TLS 1.1) | PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 | Best Practice |
| Referrer-Policy Not Implemented | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Best Practice |
| Content Security Policy (CSP) Contains Out of Scope report-uri Domain | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Content Security Policy (CSP) report-uri Uses HTTP | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Credit Card Disclosure | PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |