Best Practice Severity Web Vulnerability & Security Checks | Invicti

Home / Vulnerabilities / Best Practice

Select Category

Search Vulnerability

Vulnerability Name

Classifications

Severity

Content Security Policy (CSP) Not Implemented

CWE-16, ISO27001-A.14.2.5, WASC-15

Best Practice

Insecure Transportation Security Protocol Supported (TLS 1.1)

PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3

Best Practice

Missing X-XSS-Protection Header

CWE-16, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-15

Best Practice

Referrer-Policy Not Implemented

CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3

Best Practice

SameSite Cookie Not Implemented

CWE-16, ISO27001-A.14.2.5, WASC-15

Best Practice

SameSite None Cookie Not Marked as Secure

CWE-16, ISO27001-A.14.2.5, WASC-15

Best Practice

Subresource Integrity (SRI) Not Implemented

CWE-16, ISO27001-A.14.2.5, WASC-15

Best Practice

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works