wathne / dat250-2024-assignment

MIT License
0 stars 0 forks source link

Content security Policy (CSP) Header Not Set #7

Open LisaCabot opened 1 week ago

LisaCabot commented 1 week ago

Description: The lack of tha protection may allow the use of a Cross-Site Scripting Potential Impact: Depends on the Cross-Site Scripting used when exploiting this lack of protection. Affected part of the application: Frontend, Page design Type of vulnerability: Lack of protection when designing the header (https://cwe.mitre.org/data/definitions/693.html)