data: Used in a Content Security Policy (CSP) Directive
Summary#
Invicti detected data: use in a CSP directive.
Impact#
An attacker can bypass CSP and exploit a Cross-site Scripting vulnerability successfully by using data: protocol.
Remediation#
Remove data: sources from your CSP directives.
Classifications#
Further Reading#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities
