How to remediate – Missing Content Security Policy
1. Introduction Missing Content Security Policy is a web security issue where a website does not define rules for what...

How to remediate – Missing ‘Content-Type’ Header
1. Introduction The Missing ‘Content-Type’ Header vulnerability occurs when a web server does not send a ‘Content-Type’ header with its...

How to remediate – Missing ‘X-Content-Type-Options’ Header
1. Introduction The vulnerability is a missing ‘X-Content-Type-Options’ header in HTTP responses. This means browsers may attempt to guess the...

How to remediate – Missing ‘X-Frame-Options’ Header
1. Introduction The Missing ‘X-Frame-Options’ Header vulnerability means a web server isn’t telling browsers whether it’s safe to display its...

How to remediate – Missing Function Level Access Control
1. Introduction Missing Function Level Access Control means the web application doesn’t properly restrict who can use certain features. This...

How to remediate – Missing HTTP Strict Transport Security Policy
1. Introduction Missing HTTP Strict Transport Security Policy means the server isn’t telling browsers to always use HTTPS for connections....

How to remediate – Missing or Permissive Content-Security-Policy frame-ancestors …
1. Introduction The vulnerability, Missing or Permissive Content-Security-Policy frame-ancestors, means a web server isn’t properly controlling which other websites can...

How to remediate – Missing or Permissive X-Frame-Options HTTP Response Header
1. Introduction The Missing or Permissive X-Frame-Options HTTP Response Header vulnerability means a web server isn’t actively protecting itself against...

How to remediate – Missing Permissions Policy
1. Introduction The vulnerability ‘Missing Permissions Policy’ means a website isn’t controlling browser feature access within its own pages and...

How to remediate – Missing Referrer Policy
1. Introduction The Missing Referrer Policy vulnerability means your website isn’t controlling how much information browsers send when a user...