Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Configuration

This page lists 405 vulnerabilities in this category.

Critical: 4 High: 127 Medium: 173 Low: 51 Information: 50
Vulnerability Name
CVE
CWE
Severity
Content Security Policy (CSP) Keywords Not Used Within Single Quotes
-
CWE-942
Information
Microsoft Frontpage configuration information
-
CWE-200
Information
TLS/SSL (EC)DHE Key Reuse
-
CWE-327
Information
Permissions-Policy header not implemented
-
CWE-1021
Information
Content Security Policy Misconfiguration
-
CWE-358
Information
Web Application Firewall Detected
-
-
Information
WordPress readme.html file
-
CWE-200
Information
WordPress user registration enabled
-
-
Information
Error page web server version disclosure
-
CWE-200
Information
Content Security Policy (CSP) Not Implemented
-
CWE-1021
Information
Subresource Integrity (SRI) Not Implemented
-
CWE-830
Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP)
-
CWE-358
Information
Incorrect Content Security Policy (CSP) Implementation
-
CWE-942
Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements
-
CWE-358
Information
An Unsafe Content Security Policy (CSP) Directive in Use
-
CWE-942
Information
data: Used in a Content Security Policy (CSP) Directive
-
CWE-942
Information
Nonce Usage Detected in Content Security Policy (CSP) Directive
-
CWE-358
Information
Content Security Policy (CSP) Nonce Without Matching Script Block
-
CWE-358
Information
Static Nonce Identified in Content Security Policy (CSP)
-
CWE-334
Information
default-src Used in Content Security Policy (CSP)
-
CWE-942
Information
Content Security Policy (CSP) report-uri Uses HTTP
-
CWE-319
Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive
-
CWE-942
Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive
-
CWE-942
Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive
-
CWE-942
Information
Unsupported Hash Detected in Content Security Policy (CSP)
-
CWE-327
Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration
-
CWE-330
Information
Multiple Content Security Policy (CSP) Implementation Detected
-
CWE-358
Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes
-
CWE-358
Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
-
CWE-942
Information
Cross-Origin Opener Policy (COOP) Not Implemented
-
CWE-1022
Information