Secure Pages Include Mixed Content

Risk:
Low

Type:
Passive

CWE:
CWE-311

Summary: The page includes mixed content, that is content accessed via HTTP instead of HTTPS.

Solution: A page that is available over SSL/TLS must be comprised completely of content which is transmitted over SSL/TLS. The page must not contain any content that is transmitted over unencrypted HTTP. This includes content from third party sites.

Other info: tag=img src=http://example.com/file

References: https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html

Free security scan for your website

Don't show website scan report rating on the leaderboard