Website Vulnerability Scanner Report

 https://www.lagunaproperty.com/en/
Target added due to a redirect from http://www.lagunaproperty.com

The Light Website Scanner didn't check for critical issues like SQLi, XSS, Command Injection, XXE, etc. Upgrade to run Deep scans with
40+ tests and detect more vulnerabilities.

Summary

Overall risk level: Risk ratings: Scan information:

Medium High: 0 Start time: Dec 20, 2024 / 16:31:33 UTC+08
Medium: 1 Finish time: Dec 20, 2024 / 16:55:28 UTC+08
Low: 3 Scan duration: 23 min, 55 sec

Info: 34 Tests performed: 38/38

Scan status: Finished

Findings

 Vulnerabilities found for server-side software UNCONFIRMED 

Risk
CVSS CVE Summary Affected software
Level

Bootstrap Cross-Site Scripting (XSS) vulnerability. More details at:

https://github.com/advisories/GHSA-vc8w-jr9v-vj7f
https://nvd.nist.gov/vuln/detail/CVE-2024-6531
 6.4 CVE-2024-6531 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024- Bootstrap 4.6.1
6531.yml
https://github.com/twbs/bootstrap
https://www.herodevs.com/vulnerability-directory/cve-2024-6531

Affected versions of `react-dom` are vulnerable to Cross-Site Scripting (XSS).

The package fails to validate attribute names in HTML tags which may lead to
Cross-Site Scripting in specific scenarios. More details at:
 4.3 CVE-2018-6341 React-dom 16.4.1
https://github.com/advisories/GHSA-mvjj-gqq2-p4hw
https://nvd.nist.gov/vuln/detail/CVE-2018-6341
https://reactjs.org/blog/2018/08/01/react-v-16-4-2.html

 Details

Risk description:
The risk is that an attacker could search for an appropriate exploit (or create one himself) for any of these vulnerabilities and use it to
attack the system.

Recommendation:
In order to eliminate the risk of these vulnerabilities, we recommend you check the installed software version and upgrade to the latest
version.

Classification:
CWE : CWE-1026
OWASP Top 10 - 2017 : A9 - Using Components with Known Vulnerabilities
OWASP Top 10 - 2021 : A6 - Vulnerable and Outdated Components

 Missing security header: Referrer-Policy CONFIRMED

URL Evidence

1/7
 Response headers do not include the Referrer-Policy HTTP security header as well as the <meta> tag
https://www.lagunaproperty.com/en/ with name 'referrer' is not present in the response.
Request / Response

 Details

Risk description:
The risk is that if a user visits a web page (e.g. "http://example.com/pricing/") and clicks on a link from that page going to e.g.
"https://www.google.com", the browser will send to Google the full originating URL in the Referer header, assuming the Referrer-Policy
header is not set. The originating URL could be considered sensitive information and it could be used for user tracking.

Recommendation:
The Referrer-Policy header should be configured on the server side to avoid user tracking and inadvertent information leakage. The value
no-referrer of this header instructs the browser to omit the Referer header entirely.

References:
https://developer.mozilla.org/en-US/docs/Web/Security/Referer_header:_privacy_and_security_concerns

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Missing security header: Content-Security-Policy CONFIRMED

URL Evidence

Response does not include the HTTP Content-Security-Policy security header or meta tag
https://www.lagunaproperty.com/en/
Request / Response

 Details

Risk description:
The risk is that if the target application is vulnerable to XSS, lack of this header makes it easily exploitable by attackers.

Recommendation:
Configure the Content-Security-Header to be sent with each HTTP response in order to apply the specific policies needed by the
application.

References:
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Server software and technology found UNCONFIRMED 

Software / Version Category

Linkedin Ads Advertising

Linkedin Insight Tag Analytics

cdnjs CDN

Google Hosted Libraries CDN

Facebook Pixel 2.9.179 Analytics

FancyBox JavaScript libraries

Adobe Fonts Font scripts

Bootstrap 4.6.1 UI frameworks

2/7
 Google Analytics Analytics

Apache HTTP Server Web servers

jQuery 3.7.0 JavaScript libraries

PHP Programming languages

Sectigo SSL/TLS certificate authorities

Swiper JavaScript libraries

Typekit Font scripts

Cloudflare CDN

reCAPTCHA Security

Google Tag Manager Tag managers

Hotjar Analytics

jsDelivr CDN

HSTS Security

 Details

Risk description:
The risk is that an attacker could use this information to mount specific attacks against the identified software type and version.

Recommendation:
We recommend you to eliminate the information which permits the identification of software platform, technology, server and operating
system: HTTP server headers, HTML meta information, etc.

References:
https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/01-Information_Gathering/02-
Fingerprint_Web_Server.html

Classification:
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

Screenshot:

Figure 1. Website Screenshot

 Security.txt file is missing CONFIRMED

URL

3/7
 Missing: https://www.lagunaproperty.com/.well-known/security.txt

 Details

Risk description:
There is no particular risk in not having a security.txt file for your server. However, this file is important because it offers a designated
channel for reporting vulnerabilities and security issues.

Recommendation:
We recommend you to implement the security.txt file according to the standard, in order to allow researchers or users report any security
issues they find, improving the defensive mechanisms of your server.

References:
https://securitytxt.org/

Classification:
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Spider results

Page Status
URL Method Page Title
Size Code

255.21
https://www.lagunaproperty.com/en/about-us GET About Us | Banyan Group Residences 200
KB

170.67
https://www.lagunaproperty.com/en/contact-us GET Make An Enquiry | Banyan Group Residences 200
KB

News & Promotions | Banyan Group 148.86

https://www.lagunaproperty.com/en/news/51 GET 200
Residences KB

Laguna Residences | Phuket Condominiums | 153.42

https://www.lagunaproperty.com/en/project/phuket/laguna-park GET 200
Banyan G KB

https://www.lagunaproperty.com/en/projects/phuket/laguna- Laguna Lakeside Residences | Phuket 175.84

GET 200
lakeside-residences Condos | Banya KB

Terms and Conditions | Banyan Group 140.44

https://www.lagunaproperty.com/en/terms GET 200
Residences KB

Laguna Property | Beach Resort Property in

https://www.lagunaproperty.com/en/ GET 62.9 KB 200
Phuket

News & Promotions | Banyan Group 148.86

https://www.lagunaproperty.com/en/news/51/ GET 200
Residences KB

https://www.lagunaproperty.com/en/search.php GET 404 Page 2.96 KB 404

Laguna Residences | Phuket Condominiums | 153.42

https://www.lagunaproperty.com/en/sitemap GET 200
Banyan G KB

 Details

Risk description:
The table contains all the unique pages the scanner found. The duplicated URLs are not available here as scanning those is considered
unnecessary

Recommendation:
We recommend to advanced users to make sure the scan properly detected most of the URLs in the application.

References:
All the URLs the scanner found, including duplicates (available for 90 days after the scan date)

 Website is accessible.

 Nothing was found for client access policies.

4/7
 Nothing was found for robots.txt file.

 Outdated JavaScript libraries were merged into server-side software vulnerabilities.

 Nothing was found for use of untrusted certificates.

 Nothing was found for enabled HTTP debug methods.

 Nothing was found for administration consoles.

 Nothing was found for information disclosure.

 Nothing was found for software identification.

 Nothing was found for sensitive files.

 Nothing was found for interesting files.

 Nothing was found for enabled HTTP OPTIONS method.

 Nothing was found for secure communication.

 Nothing was found for directory listing.

 Nothing was found for error messages.

 Nothing was found for debug messages.

 Nothing was found for code comments.

 Nothing was found for missing HTTP header - Strict-Transport-Security.

 Nothing was found for missing HTTP header - X-Content-Type-Options.

 Nothing was found for Insecure Direct Object Reference.

 Nothing was found for domain too loose set for cookies.

5/7
 Nothing was found for mixed content between HTTP and HTTPS.

 Nothing was found for internal error code.

 Nothing was found for HttpOnly flag of cookie.

 Nothing was found for Secure flag of cookie.

 Nothing was found for login interfaces.

 Nothing was found for Server Side Request Forgery.

 Nothing was found for Open Redirect.

 Nothing was found for Exposed Backup Files.

 Nothing was found for unsafe HTTP header Content Security Policy.

 Nothing was found for OpenAPI files.

 Nothing was found for file upload.

Scan coverage information

List of tests performed (38/38)

 Starting the scan...
 Checking for missing HTTP header - Referrer...
 Checking for missing HTTP header - Content Security Policy...
 Spidering target...
 Checking for website technologies...
 Checking for vulnerabilities of server-side software...
 Checking for client access policies...
 Checking for robots.txt file...
 Checking for absence of the security.txt file...
 Checking for outdated JavaScript libraries...
 Checking for use of untrusted certificates...
 Checking for enabled HTTP debug methods...
 Checking for administration consoles...
 Checking for information disclosure... (this might take a few hours)
 Checking for software identification...
 Checking for sensitive files...
 Checking for interesting files... (this might take a few hours)
 Checking for enabled HTTP OPTIONS method...
 Checking for secure communication...
 Checking for directory listing...
 Checking for error messages...
 Checking for debug messages...
 Checking for code comments...
 Checking for missing HTTP header - Strict-Transport-Security...
 Checking for missing HTTP header - X-Content-Type-Options...

6/7
  Checking for Insecure Direct Object Reference...
 Checking for domain too loose set for cookies...
 Checking for mixed content between HTTP and HTTPS...
 Checking for internal error code...
 Checking for HttpOnly flag of cookie...
 Checking for Secure flag of cookie...
 Checking for login interfaces...
 Checking for Server Side Request Forgery...
 Checking for Open Redirect...
 Checking for Exposed Backup Files...
 Checking for unsafe HTTP header Content Security Policy...
 Checking for OpenAPI files...
 Checking for file upload...

Scan parameters
target: https://www.lagunaproperty.com/en/
scan_type: Light
authentication: False

Scan stats
Unique Injection Points Detected: 39
URLs spidered: 10
Total number of HTTP requests: 15089
Average time until a response was
3ms
received:
Total number of HTTP request errors: 255

7/7