Vulnerability Scan Result
| Title: | anomalocaris my beloved |
| Description: | I'm writing the webcominc i sWEAR (if the page is broken try hitting ctrl + then ctrl -) |
| IP address | 74.114.154.18 |
| Country | US  |
| AS number | AS2635 |
| Net name | Automattic Inc |
| IP address | 74.114.154.22 |
| Country | US |
| AS number | AS2635 |
| Net name | Automattic Inc |
80/tcp | http | nginx |
443/tcp | https | nginx |
| Software / Version | Category |
|---|---|
| jQuery | JavaScript libraries |
| MySQL | Databases |
| Nginx | Web servers, Reverse proxies |
| PHP | Programming languages |
| Sectigo | SSL/TLS certificate authorities |
| WordPress | CMS, Blogs |
| HSTS | Security |
| Tumblr | Blogs |
Web Application Vulnerabilities
Evidence
Vulnerability description
We have noticed that the target application has overly permissive settings in its client access policy files. The <code>crossdomain.xml</code> file controls the access of externally hosted Flash scripts to this website, while <code>clientaccesspolicy.xml</code> specifies other sites that can read content from this website - which is normally denied by the Same Origin Policy. This vulnerability arises from configurations that grant excessive permissions to clients.
Recommendation
We recommend to carefully review the content of the policy file and permit access only for legitimate domains.
Classification
| CWE | CWE-16 |
| OWASP Top 10 - 2017 | A6 - Security Misconfiguration |
| OWASP Top 10 - 2021 | A5 - Security Misconfiguration |
Evidence
| URL | Evidence |
|---|---|
| https://dippityart.tumblr.com/ | Response headers do not include the Referrer-Policy HTTP security header as well as the <meta> tag with name 'referrer' is not present in the response. |
Vulnerability description
We noticed that the target application's server responses lack the <code>Referrer-Policy</code> HTTP header, which controls how much referrer information the browser will send with each request originated from the current web application.
Recommendation
The Referrer-Policy header should be configured on the server side to avoid user tracking and inadvertent information leakage. The value `no-referrer` of this header instructs the browser to omit the Referer header entirely.
Classification
| CWE | CWE-693 |
| OWASP Top 10 - 2017 | A6 - Security Misconfiguration |
| OWASP Top 10 - 2021 | A5 - Security Misconfiguration |
Evidence
| URL | Evidence |
|---|---|
| https://dippityart.tumblr.com/ | Response does not include the HTTP Content-Security-Policy security header or meta tag |
Vulnerability description
We noticed that the target application lacks the Content-Security-Policy (CSP) header in its HTTP responses. The CSP header is a security measure that instructs web browsers to enforce specific security rules, effectively preventing the exploitation of Cross-Site Scripting (XSS) vulnerabilities.
Recommendation
Configure the Content-Security-Header to be sent with each HTTP response in order to apply the specific policies needed by the application.
Classification
| CWE | CWE-693 |
| OWASP Top 10 - 2017 | A6 - Security Misconfiguration |
| OWASP Top 10 - 2021 | A5 - Security Misconfiguration |
Evidence
| Software / Version | Category |
|---|---|
| jQuery | JavaScript libraries |
| MySQL | Databases |
| Nginx | Web servers, Reverse proxies |
| PHP | Programming languages |
| Sectigo | SSL/TLS certificate authorities |
| WordPress | CMS, Blogs |
| HSTS | Security |
| Tumblr | Blogs |
Vulnerability description
We noticed that server software and technology details are exposed, potentially aiding attackers in tailoring specific exploits against identified systems and versions.
Recommendation
We recommend you to eliminate the information which permits the identification of software platform, technology, server and operating system: HTTP server headers, HTML meta information, etc.
Classification
| OWASP Top 10 - 2017 | A6 - Security Misconfiguration |
| OWASP Top 10 - 2021 | A5 - Security Misconfiguration |
Vulnerability description
Website is accessible.
Infrastructure Vulnerabilities
Evidence
| Domain Queried | DNS Record Type | Description | Value |
|---|---|---|---|
| dippityart.tumblr.com | A | IPv4 address | 74.114.154.22 |
| dippityart.tumblr.com | A | IPv4 address | 74.114.154.18 |
| dippityart.tumblr.com | SPF | Sender Policy Framework | "v=spf1 include:_spf.google.com include:_spf.automattic.com include:sendgrid.net include:mail.zendesk.com -all" |
Recommendation
We recommend reviewing all DNS records associated with the domain and identifying and removing unused or obsolete records.
Vulnerability description
OS detection couldn't determine the operating system.
Recommendation
Vulnerability checks are skipped for ports that redirect to another port. We recommend scanning the redirected port directly.
Evidence
| Software / Version | Category |
|---|---|
| WordPress | CMS, Blogs |
| Tumblr | Blogs |
| MySQL | Databases |
| PHP | Programming languages |
| Nginx | Web servers, Reverse proxies |
| jQuery | JavaScript libraries |
| Google Font API | Font scripts |
| Sectigo | SSL/TLS certificate authorities |
| HSTS | Security |
| RSS | Miscellaneous |
| Open Graph | Miscellaneous |
Vulnerability description
We noticed that server software and technology details are exposed, potentially aiding attackers in tailoring specific exploits against identified systems and versions.
Recommendation
We recommend you to eliminate the information which permits the identification of software platform, technology, server and operating system: HTTP server headers, HTML meta information, etc.