Detected angular.js on CloudFlare here: -https://cachebrowser.info
Detected libraries:
jquery - 3.0.0-alpha1 : (active1) -https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-alpha1/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
angularjs - 1.4.7 : (active1) -https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.js
Info: Severity: low
https://github.com/angular/angular.js/blob/master/CHANGELOG.md
Info: Severity: low
https://srcclr.com/security/ui-redress-attack-through-improper/javascript/s-2252
Info: Severity: medium
https://srcclr.com/security/arbitrary-code-execution-through-svg/javascript/s-2253
Info: Severity: medium
https://github.com/angular/angular.js/issues/14939
https://srcclr.com/security/arbitrary-code-execution-via-constructor-access/javascript/sid-2589/summary
(active) - the library was also found to be active by running code
Eventual attack should come from a whitelisted domain. And with a meagre F-Status here and just these very links with missing SRI-hashes,
it is a reason for concern: https://sritest.io/#report/5ef62ec8-0b99-4697-a18a-e4c927a0e788 e.g.:
Missing SRI hashRe: https://www.eff.org/https-everywhere/atlas/domains/cachebrowser.info.html
Warnings
SSLv3
Your server’s encryption settings are vulnerable. This server uses the SSLv3 protocol, which is not secure. More information.
This server is vulnerable to:
Poodle (SSLv3 protocol)
This server is vulnerable to a Poodle (SSLv3) attack.
Server scan unsuccessful.
Poodle (TLS)
Server scan unsuccessful.
Insecurity: https://observatory.mozilla.org/analyze.html?host=cachebrowser.info
polonus