Summary

Netsparker detected that multiple CSP declaration types were implemented in the page for backward compatibility.

Impact

Using multiple CSP implementations together might cause CSP directives to not work as intended.

Remediation

Remove these deprecated implementations:

  • X-Content-Security-Policy
  • X-Webkit-CSP
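
One way to verify the remediation, as an added example that is not Netsparker's own code: it parses a raw HTTP response head, reports each deprecated CSP header it finds, and notes whether that header's policy differs from the standard Content-Security-Policy header. The function names and the sample response are constructed for illustration.

```python
import re

# Deprecated, vendor-prefixed CSP headers named in the remediation above.
DEPRECATED_CSP_HEADERS = ("x-content-security-policy", "x-webkit-csp")
STANDARD_CSP_HEADER = "content-security-policy"


def parse_headers(raw_response):
    """Return (lowercased name, value) pairs from a raw HTTP response head."""
    head = re.split(r"\r?\n\r?\n", raw_response, maxsplit=1)[0]
    pairs = []
    for line in re.split(r"\r?\n", head)[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def normalise(policy):
    """Reduce a policy to a set of directives so order and spacing do not matter."""
    directives = set()
    for directive in policy.split(";"):
        parts = directive.split()
        if parts:  # directive names are case-insensitive, source values are not
            directives.add((parts[0].lower(), frozenset(parts[1:])))
    return frozenset(directives)


def audit_csp(raw_response):
    """Report deprecated CSP headers and whether they disagree with the standard one."""
    pairs = parse_headers(raw_response)
    standard = [v for n, v in pairs if n == STANDARD_CSP_HEADER]
    findings = []
    for name, value in pairs:
        if name in DEPRECATED_CSP_HEADERS:
            differs = bool(standard) and all(
                normalise(value) != normalise(s) for s in standard)
            findings.append({"header": name, "policy": value,
                             "standard_present": bool(standard),
                             "differs_from_standard": differs})
    return findings


# Constructed sample response, not captured from a real site.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Security-Policy: default-src 'self'; script-src 'self'\r\n"
    "X-Content-Security-Policy: script-src 'self';  default-src 'self'\r\n"
    "X-WebKit-CSP: default-src *\r\n"
    "\r\n<html></html>"
)
```

An empty result from `audit_csp` means the response no longer carries either deprecated header.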

Classifications

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9