This file serves as a placeholder for Dynamic Application Security Testing (DAST) findings from OWASP ZAP scans.
DAST findings are generated by scanning the running application and represent runtime security issues rather than specific source code locations. All security findings from the nightly OWASP ZAP scans will be associated with this file in the GitHub Security tab.
To view the actual findings:
- Go to the Security tab in GitHub
- Navigate to Code Scanning alerts
- Filter by tool: OWASP ZAP
Each finding will include:
- The vulnerability type and severity
- The URL where the issue was detected
- Recommended remediation steps
- Reference documentation
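
How a runtime finding can end up attached to this file, as an added example that is not this project's own scan pipeline: it converts alerts in the shape of ZAP's JSON report into SARIF 2.1.0 results whose location is the placeholder file, keeping the scanned URL in the message. The placeholder path, the sample report and the host name are assumptions constructed for illustration.

```python
import json

# Assumption: repository path of this placeholder file (hypothetical).
PLACEHOLDER = "docs/dast-findings.md"
# ZAP riskcode (0 info .. 3 high) mapped to a SARIF result level.
LEVELS = {"3": "error", "2": "warning", "1": "note", "0": "note"}

# Constructed sample in the shape of ZAP's JSON report, not real scan output.
SAMPLE_REPORT = {"site": [{
    "@name": "https://app.example.test",
    "alerts": [{
        "pluginid": "10038",
        "alert": "Content Security Policy (CSP) Header Not Set",
        "riskcode": "2",
        "solution": "Send a Content-Security-Policy response header.",
        "reference": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP",
        "instances": [{"uri": "https://app.example.test/login", "method": "GET"}],
    }],
}]}

def zap_to_sarif(report, placeholder=PLACEHOLDER):
    """Convert ZAP alerts to SARIF results that all point at the placeholder file."""
    rules, results = {}, []
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            rule_id = alert["pluginid"]
            help_text = "\n".join(filter(None, [alert.get("solution"), alert.get("reference")]))
            rules[rule_id] = {"id": rule_id,
                              "shortDescription": {"text": alert["alert"]},
                              "help": {"text": help_text}}
            # An alert without instances still yields one result, for the site itself.
            instances = alert.get("instances") or [{"uri": site.get("@name", "")}]
            for inst in instances:
                results.append({
                    "ruleId": rule_id,
                    "level": LEVELS.get(alert.get("riskcode"), "note"),
                    # The scanned URL lives in the message; DAST has no source line.
                    "message": {"text": f"{alert['alert']}: {inst.get('method', 'GET')} {inst['uri']}"},
                    "locations": [{"physicalLocation": {
                        "artifactLocation": {"uri": placeholder},
                        "region": {"startLine": 1}}}],
                })
    driver = {"name": "OWASP ZAP", "rules": list(rules.values())}
    return {"version": "2.1.0",
            "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
            "runs": [{"tool": {"driver": driver}, "results": results}]}

if __name__ == "__main__":
    print(json.dumps(zap_to_sarif(SAMPLE_REPORT), indent=2))
```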