Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Content Security Policy (CSP) Nonce Without Matching Script Block

Severity: Information
Summary#

Invicti detected that the page does not contain any script blocks with the nonce declared in CSP.

Remediation#

Ensure that all the script blocks has a matching nonce. If this nonce is not necessary then remove it from CSP.

Classifications#
, , , ,
Further Reading#
Invicti Security Insights

Select Category

OR

Search Vulnerability

Tags

OWASP 2013-A5 OWASP 2017-A6 CSP

Related Vulnerabilities

Related Articles

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works