Nonce Usage Detected In Content Security Policy (CSP) Directive

Summary

CSP nonce directives make use of the inline scripts and script blocks possible in a page. However, this feature comes with CSP2 and CSP2 is only supported by Chrome and Firefox browsers.

Classifications

OWASP PC-C9

Further Reading

Content Security Policy (CSP) Explained

Vulnerability Index

You can search and find all vulnerabilities

Select Category

Critical
High
Medium
Low
Information

Search Vulnerability

Related Vulnerabilities

Blind SQL Injection
SQL Injection
Local File Inclusion
Misconfigured Access-Control-Allow-Origin Header
Missing X-Frame-Options Header

;

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO

Nonce Usage Detected In Content Security Policy (CSP) Directive

NETSPARKER

USE CASES

WEB SECURITY

COMPANY

Netsparker Ltd