WORKTERRAProject Type: software

WORKTERRA

Uploaded image for project: 'WORKTERRA'
  1. WORKTERRA
  2. WT-12639

[Security] ZAP Scan reported issue : Cross-Domain JavaScript Source File Inclusion

    Details

    • Type: Bug
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:
      Production
    • Bug Severity:
      Low
    • Level:
      Admin, Employee, Partner
    • Module:
      BenAdmin - Security
    • Reported by:
      Harbinger
    • Company:
      All Clients/Multiple Clients
    • Item State:
      Development - On Hold

      Description

      The page includes one or more script files from a third-party domain.
      Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.

      Refer attached HTML report for more details

      CC SamirRakesh RoyJaideep Vinchurkaranirudha joshi

        Attachments

          Issue Links

          relates to

          Task - A task that needs to be done. NF-2714 Vulnerability Assessment and Penetration Testing for Workterra on Azure US environment.

          • Medium - Has the potential to affect progress.
          • To Do

            Activity

            Ascending order - Click to sort in descending order
            prasadp Prasad Pise (Inactive) created issue -
            prasadp Prasad Pise (Inactive) made changes -
            Field Original Value New Value
            Link This issue relates to NF-2714 [ NF-2714 ]
            rakeshr Rakesh Roy (Inactive) made changes -
            Module Parent values: BenAdmin(10100) Parent values: BenAdmin(10100)Level 1 values: Security(10112)
            santosh.balid Santosh Balid (Inactive) made changes -
            Item State Parent values: Development(10200)Level 1 values: On Hold(10207)
            santosh.balid Santosh Balid (Inactive) made changes -
            Assignee Santosh Balid [ santosh.balid ] Gaurav Sodani [ gaurav.sodani ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Assignee Gaurav Sodani [ gaurav.sodani ] Rohan J Khandave [ rohan.khandave ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Link This issue relates to DEV-13718 [ DEV-13718 ]

              People

              Assignee:
              rohan.khandave Rohan J Khandave (Inactive)
              Reporter:
              prasadp Prasad Pise (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated: