No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) Severity: Information Summary# The hash value in the CSP directive does not match with any hash value of the script blocks in the page. Classifications# ISO27001-A.14.2.5, OWASP 2017-A6, OWASP 2013-A5 Further Reading# Content Security Policy (CSP) Explained Invicti Security Insights Using Content Security Policy (CSP) to Secure Web Applications Remote Hardware Takeover via Vulnerable Admin Software The dangers of incorrect CSP implementations Leverage Browser Security Features to Secure Your Website Vulnerability Index You can search and find all vulnerabilities Select Category Critical High Medium Low Best Practice Information OR Search Vulnerability Tags OWASP 2013-A5 OWASP 2017-A6 CSP Related Vulnerabilities Oracle WebLogic Remote Code Execution (CVE-2020-14882) Drupal Core – Remote Code Execution (CVE-2019-6340) Code Execution via SSTI (Java FreeMarker) Web Backdoor Detected Out of Band Code Execution via SSTI (PHP Twig)
