DAST Scan Results
| CWE ID | Severity | Description | Location | Evidence | Solution |
| --- | --- | --- | --- | --- | --- |
| [693](https://cwe.mitre.org/data/definitions/693.html) | Medium | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. | **Method:** GET **Parameter:** Content-Security-Policy |
default-src 'self'; font-src 'self'; img-src 'self' data:; frame-ancestors 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline'; | Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header. |
DAST Scan Results
| CWE ID | Severity | Description | Location | Evidence | Solution |
| --- | --- | --- | --- | --- | --- |
| [693](https://cwe.mitre.org/data/definitions/693.html) | Medium | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. | **Method:** GET **Parameter:** Content-Security-Policy | default-src 'self'; font-src 'self'; img-src 'self' data:; frame-ancestors 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline'; | Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header. |
Scan Date: Wed, 1 May 2024 01:44:12 URLs Impacted:
DAST Scan Results
| CWE ID | Severity | Description | Location | Evidence | Solution | | --- | --- | --- | --- | --- | --- | | [693](https://cwe.mitre.org/data/definitions/693.html) | Medium | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. | **Method:** GET **Parameter:** Content-Security-Policy | default-src 'self'; font-src 'self'; img-src 'self' data:; frame-ancestors 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline'; | Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header. |