Search Vulnerability


Vulnerability Name Classifications Severity
Content Security Policy (CSP) Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
Expect-CT Not Enabled CWE-16; ISO27001-A.14.1.2; WASC-15 Best Practice
Insecure Transportation Security Protocol Supported (TLS 1.1) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Best Practice
Missing X-XSS-Protection Header CWE-16; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-15 Best Practice
Referrer-Policy Not Implemented CWE-200; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Best Practice
SameSite Cookie Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
SameSite None Cookie Not Marked as Secure CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
Subresource Integrity (SRI) Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
Invicti

Provably accurate, fast & easy-to-use Web Application Security Scanner

Get a demo