CSP Web Vulnerability & Security Checks | Invicti

Home / Vulnerabilities / CSP

Select Category

Search Vulnerability

Vulnerability Name

Classifications

Severity

Content Security Policy (CSP) Not Implemented

CWE-16, ISO27001-A.14.2.5, WASC-15

Best Practice

An Unsafe Content Security Policy (CSP) Directive in Use

CWE-16, ISO27001-A.14.2.5, WASC-15

Information

Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) Keywords Not Used Within Single Quotes

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) Contains Out of Scope report-uri Domain

ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3

Information

Content Security Policy (CSP) Nonce Without Matching Script Block

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) report-uri Uses HTTP

ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3

Information

Deprecated Header Instruction Used to Implement Content Security Policy (CSP)

CWE-16, ISO27001-A.14.2.5, WASC-15

Information

Incorrect Content Security Policy (CSP) Implementation

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Invalid Content Security Policy (CSP) Directive Identified in meta Elements

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Missing object-src in CSP Declaration

CWE-16, ISO27001-A.14.2.5, WASC-15

Information

Multiple Content Security Policy (CSP) Implementation Detected

CWE-16, ISO27001-A.14.2.5, WASC-15

Information

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works