Description

These page(s) does not set a Content-Type header value. This value informs the browser what kind of data to expect. If this header is missing, the browser may incorrectly handle the data. This could lead to security problems.

Remediation

Set a Content-Type header value for these page(s).

References

Missing Content-Type Header Detected on Web Application - Invicti

Related Vulnerabilities

Laravel debug mode enabled (AcuSensor)

SAP Management Console list logfiles

ASP.NET viewstate encryption disabled

Spring Boot Misconfiguration: Overly long session timeout

Reverse Proxy Detected

Severity

Low

Classification

CWE-16 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration