Content Security Policy (CSP) Keywords Not Used Within Single Quotes

Severity:

Information

Summary

Invicti detected that Content Security Policy (CSP) keywords like self, none, unsafe-inline, unsafe-eval were used within single quotes.

Impact

CSP keywords need to be used within single quotes according to CSP specifications, when not used the keywords will be considered as a part of the resource URL.

Remediation

Use these keywords within single quotes.

Required Skills for Successful Exploitation

Actions To Take

Classifications

Vulnerability Index

You can search and find all vulnerabilities

Select Category

Select Vulnerability

Related Vulnerabilities

Version Disclosure (Mailman)

Bluebird Identified

Out of Band Code Evaluation (PHP)

Source Code Disclosure (JSP)

Version Disclosure (Contao)

Content Security Policy (CSP) Keywords Not Used Within Single Quotes

Vulnerability Index

Select Category

Select Vulnerability

Featured resources

Build your resistance to threats. And save hundreds of hours each month.