search

tsunez / dvna

Damn Vulnerable NodeJS Application
MIT License
0 stars 0 forks source link

CX Missing_HSTS_Header @ core/apphandler.js [master] #14

Open tsunez opened 3 years ago

tsunez commented 3 years ago

Missing_HSTS_Header issue exists @ core/apphandler.js in branch master

The web-application does not define an HSTS header, leaving it vulnerable to attack.

Severity: Medium

CWE:346

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: 21

Code (Line #21):

            res.render('app/usersearch', {
tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)