No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) Severity: Information Summary# The hash value in the CSP directive does not match with any hash value of the script blocks in the page. Classifications# ISO27001-A.14.2.5, OWASP 2017-A6, OWASP 2013-A5 Further Reading# Content Security Policy (CSP) Explained Invicti Security Insights Using Content Security Policy (CSP) to Secure Web Applications Remote Hardware Takeover via Vulnerable Admin Software The dangers of incorrect CSP implementations Leverage Browser Security Features to Secure Your Website Vulnerability Index You can search and find all vulnerabilities Select Category Critical High Medium Low Best Practice Information OR Search Vulnerability Tags OWASP 2013-A5 OWASP 2017-A6 CSP Related Vulnerabilities Server-Side Template Injection (Java FreeMarker) Out of Band Code Evaluation (PHP) Code Execution via SSTI (Node.js Marko) Out of Band SQL Injection Code Evaluation via Local File Inclusion (PHP)