Dear Support Team,
As we have query which we ran the VAPT for Atlassian Confluence from Version 7.4 to Latest 7.10 as per already raised the concern to support team but however after replying this not able to get reply.
Here the below Open Issue for VAPT.
CSP: Wildcard Directive - Medium 46
Vulnerable JS Library - Medium 21
Absence of Anti-CSRF Tokens - Low 40
Cookie No HttpOnly Flag - Low 23
Cookie Without SameSite Attribute - Low 26
X-Content-Type-Options Header Missing - Low 147
Information Disclosure - Sensitive Information in URL - Informational 1
Information Disclosure - Suspicious Comments - Informational 125
Timestamp Disclosure - Unix - Informational 264
Requesting you to please provide the solutions for the same.