Summary

Netsparker detected that a wildcard was used in the port portion of a CSP directive.

Impact

There is no direct impact; however, in conjunction with other issues this can be abused by an attacker. A wildcard means you trust all the applications hosted on all of the ports of the target domain. For example, another port on the same IP address might host a vulnerable hosting control panel application.

Remediation

If the wildcard is not really necessary, use a static port. If you need to use the wildcard, ensure that you trust all ports of the target URI.
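The check below is an added example, not Netsparker's own code: it parses a Content-Security-Policy value and reports every host source whose port portion is `*`, run against a weak policy and its static-port counterpart. The function name, the regular expression and both sample policies (using example.com hosts) are constructed for illustration.

```python
import re

# CSP host-source shape: [scheme "://"] host [":" port] [path]; the port may be "*".
HOST_SOURCE = re.compile(
    r"^(?:(?P<scheme>[a-z][a-z0-9+.-]*)://)?"
    r"(?P<host>\*|(?:\*\.)?[a-z0-9-]+(?:\.[a-z0-9-]+)*)"
    r"(?::(?P<port>\*|[0-9]+))?"
    r"(?P<path>/\S*)?$",
    re.IGNORECASE,
)

# Directives whose values are not source lists; they are skipped.
NON_SOURCE = {"report-uri", "report-to", "sandbox"}


def wildcard_port_sources(policy):
    """Return (directive, source) pairs whose port portion is '*'."""
    findings = []
    for directive in policy.split(";"):
        tokens = directive.split()
        if len(tokens) < 2 or tokens[0].lower() in NON_SOURCE:
            continue
        name = tokens[0].lower()
        for src in tokens[1:]:
            if src.startswith("'"):  # 'self', 'none', nonces, hashes
                continue
            m = HOST_SOURCE.match(src)  # scheme sources such as "data:" do not match
            if m and m.group("port") == "*":
                findings.append((name, src))
    return findings


# Constructed sample policies: wildcard ports, then the same policy with static ports.
WEAK = ("default-src 'self'; script-src 'self' https://cdn.example.com:*; "
        "img-src *:* data:; connect-src https://api.example.com:8443")
FIXED = ("default-src 'self'; script-src 'self' https://cdn.example.com:443; "
         "img-src https://img.example.com data:; "
         "connect-src https://api.example.com:8443")

if __name__ == "__main__":
    for label, policy in (("weak", WEAK), ("fixed", FIXED)):
        print(label, wildcard_port_sources(policy))
```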
