• Home
  • Vulnerability Index
Vulnerability Index

Web Application Vulnerabilities Index

This page lists all vulnerabilities that can be detected by Netsparker.

Select Category

Search Vulnerability

Vulnerability Name Classifications Severity
Content Security Policy (CSP) Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
data: Used in a Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
default-src Used in Content Security Policy (CSP) ISO27001-A.14.2.5, OWASP PC-C9 Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9 Information
Incorrect Content Security Policy (CSP) Implementation CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Insecure Protocol Detected in Content Security Policy (CSP) CWE-319, ISO27001-A.14.2.5 Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Multiple Content Security Policy (CSP) Implementation Detected CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9 Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Information
Nonce Usage Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5, OWASP PC-C9 Information
Scheme URI Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Static Nonce Identified in Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Unsupported Hash Detected in Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration CWE-330, ISO27001-A.14.2.5, WASC-16, OWASP 2013-A5, OWASP 2017-A6 Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Netsparker Ltd
220 Industrial Blvd Ste 102
Austin, TX 78745

© Netsparker 2021, by Invicti

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Netsparker 2021, by Invicti

Subscription Services Agreement Data Protection Policy Information Security Policy Privacy Policy Sitemap