Home/Alerts/Alert detail/

CSP

Type:
Passive

Alerts

CSP: X-Content-Security-Policy

CSP: X-WebKit-CSP

CSP: Notices

CSP: Wildcard Directive

CSP: script-src unsafe-inline

CSP: style-src unsafe-inline

CSP: script-src unsafe-hashes

CSP: style-src unsafe-hashes

CSP: Malformed Policy (Non-ASCII)

CSP: script-src unsafe-eval

CSP: Meta Policy Invalid Directive

CSP: Header & Meta

Top Security News

New NailaoLocker ransomware used against EU healthcare orgs

Black Basta ransomware gang's internal chat logs leak online

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Windows Server 2025 released—here are the new features

SonicWall firewall bug leveraged in attacks after PoC exploit release

Data Leak Exposes TopSec's Role in China's Censorship-as-a-Service Operations

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

SpyLend Android malware downloaded 100,000 times from Google Play

Common Alerts

HighAccess Control Issue - Improper Authentication

HighLDAP Injection

LowStrict-Transport-Security Max-Age Malformed (Non-compliant with Spec)

MediumExponential Entity Expansion (Billion Laughs Attack)

MediumFormat String Error

InformationalInformation Disclosure - Sensitive Information in URL

InformationalContent Security Policy (CSP) Report-Only Header Found

LowStrict-Transport-Security Multiple Header Entries (Non-compliant with Spec)

LowStrict-Transport-Security Header Not Set

MediumReferer Exposes Session ID

Top CVE List

CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability

CVE-2025-0108 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CVE-2025-24989 Microsoft Power Pages Improper Access Control Vulnerability

CVE-2017-3881 Cisco IOS and IOS XE Remote Code Execution Vulnerability

CVE-2017-6736 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability

CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability

Common CWEs

CWE-1062 Parent Class with References to Child Class

CWE-1109 Use of Same Variable for Multiple Purposes

CWE-1334 Unauthorized Error Injection Can Degrade Hardware Redundancy

LowCWE-783 Operator Precedence Logic Error

CWE-696 Incorrect Behavior Order

CWE-109 Struts: Validator Turned Off

CWE-1317 Improper Access Control in Fabric Bridge

MediumCWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-463 Deletion of Data Structure Sentinel

CWE-912 Hidden Functionality

Free online web security scanner

Don't show website scan report rating on the leaderboard