Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive

Severity: Information
Summary#

Invicti detected that wildcard was used in domain portion of a CSP directive.

Impact#

This means you trust all of the subdomains of this domain, if this is the case there is no impact.

Remediation#

If you trust all of the subdomains and if this is necessary then you do not need to take any actions. However if this is not the case replace the wildcard with the only subdomain that you trust.

Classifications#
OR

Search Vulnerability

Tags

CSP

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works