Details | |
---|---|
Alert Id | 10020-1 |
Alert Type | Passive |
Status | release |
Risk | Medium |
CWE | 1021 |
WASC | 15 |
Technologies Targeted | All |
Tags |
CWE-1021 OWASP_2017_A06 OWASP_2021_A05 WSTG-V42-CLNT-09 |
Summary
The response does not include either Content-Security-Policy with ‘frame-ancestors’ directive or X-Frame-Options to protect against ‘ClickJacking’ attacks.