CWE-16
ISO27001-A.14.1.2
WASC-15
OWASP 2017-A6

HTTP Strict Transport Security (HSTS) via HTTP

Severity: Information

Summary

The HTTP Strict Transport Security (Strict-Transport-Security) header is sent in a response served over plain HTTP. It must be sent in HTTPS responses instead.

Impact

Web browsers ignore an HSTS header received over HTTP, so users cannot take advantage of HSTS. This renders the HSTS implementation useless. Without HSTS, MITM attacks are easier for attackers.
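
An added example, not part of the original page or any scanner's own code: a Python check that classifies captured responses the way a browser treats their Strict-Transport-Security header, including the HSTS-over-HTTP case described above. The sample responses, function names and verdict labels are constructed for illustration.

```python
import re

# Constructed sample: (scheme, status, headers) as a proxy or scan log might record them.
SAMPLE_RESPONSES = [
    ("http",  200, {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
    ("http",  301, {"Location": "https://example.test/"}),
    ("https", 200, {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
    ("https", 200, {"Content-Type": "text/html"}),
    ("https", 200, {"strict-transport-security": "max-age=0"}),
]

def parse_hsts(value):
    """Return (max_age, include_subdomains); max_age is None if missing or malformed."""
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            max_age = int(arg) if re.fullmatch(r"\d+", arg) else None
        elif name == "includesubdomains":
            include_sub = True
    return max_age, include_sub

def audit_response(scheme, headers):
    """Classify one response by how a browser would treat its HSTS header."""
    hsts = next((v for k, v in headers.items()
                 if k.lower() == "strict-transport-security"), None)
    if scheme == "http":
        # Browsers ignore HSTS received over insecure transport (RFC 6797, section 8.1).
        return "hsts-over-http-ignored" if hsts is not None else "ok-no-hsts-on-http"
    if hsts is None:
        return "https-missing-hsts"
    max_age, _ = parse_hsts(hsts)
    if max_age is None:
        return "https-hsts-malformed"
    if max_age == 0:
        return "https-hsts-disabled"  # max-age=0 tells the browser to forget the policy
    return "https-hsts-active"

def audit(responses):
    return [audit_response(scheme, headers) for scheme, _status, headers in responses]

if __name__ == "__main__":
    for (scheme, status, _), verdict in zip(SAMPLE_RESPONSES, audit(SAMPLE_RESPONSES)):
        print(f"{scheme:5} {status} -> {verdict}")
```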

Remediation
Required Skills for Successful Exploitation
Actions To Take