Description
Acunetix evaluated the scan target's Content Security Policies, checked for misconfigurations and potentially unintended side-effects of otherwise valid configurations, and offers the following suggestions on how to change existing policies for improved security and maximum compatibility.
Remediation
See alert details for available remediation advice.
References
Using Content Security Policy (CSP) to Secure Web Applications
Related Vulnerabilities
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive
Microsoft IIS5 NTLM and Basic authentication bypass
SAP NetWeaver server info information disclosure
Content Security Policy (CSP) Not Implemented
Spring Boot Misconfiguration: Datasource credentials stored in the properties file