Website Security Test of www.waternet.nl

Executive Summary for www.waternet.nl

• Web Software Security Test
  5 third-party web software dependancies were identified, including 4 outdated dependancies. One known vulnerability was detected. No Content Management System (CMS) was identified. The following CMS components, JS-libraries or frameworks were identified: ua-parser-js, preact, prototype, and others. Show details.
• GDPR Compliance Test
  Potential GDPR compliance issues were identified related to Website Security. The following checks were not performed, as no corresponding cookies with personal or tracking information seem to be sent by the website: Cookie Protection, Cookie Disclaimer. Show details.
• PCI DSS Compliance Test
  The website is compliant with PCI DSS Requirement 6.4, while being non-compliant with Requirement 6.3. Show details.
• HTTP Headers Security Test
  Issues were identified with key security header misconfigured Content-Security-Policy. Optional HTTP headers appear to be properly configured: Server, Access-Control-Allow-Origin, Referrer-Policy. Deprecated HTTP headers detected: X-XSS-Protection. Show details.
• Content Security Policy (CSP) Test
  Content-Security-Policy is enforced but configuration issues were identified: directive errors, overly permissive directives. A report-only Content-Security-Policy is not present. Show details.
• Cookies Privacy and Security Test
  One detected cookie appears to be properly configured from a security perspective. Show details.
• External Content Security Test
  16 external requests detected; 2 requests failed. SRI is not used for 10 third-party JavaScript and CSS files. Show details.
• Protection from Data Scraping Test
  No significant anti-scraping protections were detected. Show details.
• DNSSEC Configuration Test
  DNS CNAME record detected; DNSSEC signatures are present and fully validated. Show details.