Incorrect Content Security Policy (CSP) Implementation
Summary#
Invicti detected that CSP is implemented inside body tag.
Impact#
This usage is not supported and will be ignored by the browsers.
Remediation#
Declare CSP in HTTP headers or with meta tags inside head element instead of body.
Classifications#
Further Reading#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities