Crucible: Missing HTTP Security Headers

XMLWordPrintable

    • Type: Public Security Vulnerability
    • Resolution: Fixed
    • Priority: Low
    • 4.8.15
    • Affects Version/s: 4.8.14
    • Component/s: None
    • 2.7
    • Low
    • Other

      Security headers are used to protect the application from various attacks.

      Several HTTP headers that should be present as part of the web applications server responses were found to be missing. These headers, while not exposing a huge security risk, should be set as part of a “defence in depth” strategy to protect users of the applications.

              Assignee:
              Unassigned
              Reporter:
              Oleh Shchur (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: