1.1 KiB
1.1 KiB
| stage | group | info |
|---|---|---|
| Secure | Dynamic Analysis | To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments |
Content-Security-Policy analysis
Description
A missing or invalid Content-Security-Policy (CSP) was identified on the target site. CSP can aid in
hardening a website against various client side attacks such as Cross-Site Scripting (XSS).
Remediation
If the target site is missing a CSP, investigate the relevant URLs for enabling CSP. Otherwise, follow the recommendations to determine if any actions are necessary.
Details
| ID | Aggregated | CWE | Type | Risk |
|---|---|---|---|---|
| 16.8 | true | 16 | Passive | Info |