Summary

Netsparker detected that your CSP declaration contains report-uri value that points to an out of scope external domain. This domain will be aware of the CSP violation occurs on your website and some sensitive data will be disclosed to this site.

Remediation

If you trust this domain you can ignore this issue. However if you do not trust this external domain, remove it from report-uri directive.

Classifications
OWASP 2013-A6
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO