Uses unsafe-inline without nonce

Disclosed: 2015-10-28 23:41:24 By cyberattacker To withinsecurity

Unknown

Vulnerability Details

Hi, I found you website using Uses unsafe-inline without nonce. Allowing unsafe-eval can increase risk of various types of attacks. Consider adding a nonce which makes injecting malicious code more difficult as an attacker would need to guess the nonce. Thanks,

Actions

View on HackerOne

Report Stats

Report ID: 96218
State: Closed
Substate: resolved
Upvotes: 1

Uses unsafe-inline without nonce

Vulnerability Details

Actions

Report Stats

Share this report