Update kaakaww.yml #1

sgerlach · 2023-06-14T15:37:43Z

No description provided.

stackhawk

🦅 HawkScan Completed

AAA_javaspringvulny | Development

❌ Check Failed: "2 Findings >= High Found"

5 Findings:

Vulnerability Details

Cross Site Scripting (Reflected)

Found on 1 Path

paths:
- /search

SQL Injection

Found on 1 Path

paths:
- /search

Content Security Policy (CSP) Header Not Set

Found on 13 Paths

paths:
- /payload/3099
- /basic-auth
- /jwt-auth
- /payload/3105
- /payload/3101
- /
- /search
- /payloads
- <root>
- /token-auth
- /payload/3097
- /search
- /payload/3103

Parameter Tampering

Found on 1 Path

paths:
- /search

Spring Actuator Information Leak

Found on 1 Path

paths:
- /actuator/health

Scan Metadata

duration: 2 min 9 sec 
date: Jun 14, 2023 at 3:46 PM UTC
scannedPaths: 33
hawkscanVersion: 3.1.0
host: http://localhost:9000

Scan IDs

applicationId: 44d63acb-a50b-4ab5-baa3-9508bb12691f
scanId: ee8c435e-b144-4eb6-a3ab-22e1edb901ce

sgerlach added 4 commits June 14, 2023 09:37

Update kaakaww.yml

c88b68b

Update kaakaww.yml

40a7470

Update stackhawk.yml

3ba73ba

Update kaakaww.yml

7d62073

stackhawk bot reviewed Jun 14, 2023

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update kaakaww.yml #1

Update kaakaww.yml #1

Uh oh!

sgerlach commented Jun 14, 2023

Uh oh!

stackhawk bot left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Update kaakaww.yml #1

Are you sure you want to change the base?

Update kaakaww.yml #1

Uh oh!

Conversation

sgerlach commented Jun 14, 2023

Uh oh!

stackhawk bot left a comment

Choose a reason for hiding this comment

🦅 HawkScan Completed

5 Findings:

Cross Site Scripting (Reflected)

SQL Injection

Content Security Policy (CSP) Header Not Set

Parameter Tampering

Spring Actuator Information Leak

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant