We have the weekend behind us now, so avast team members may act. Up to them.
Still see this retirable code:
jquery 1.10.2.min Found in -https://ksbshipyard.co.id/js/fancybox/jquery-1.10.2.min.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
Quite some implementations missing found through the Page, Header & Cookie Security Analyser - RECX.
Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell -ksbshipyard.co.id to fix it.
Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.
d29307b38c30XXXXXXXXXXXXX6f7df6301571047301 -ksbshipyard.co.id__cfduid
polonus