14.4.3 A content security policy is in place¶
Verify that a content security policy (CSPv2) is in place that helps mitigate impact for XSS attacks like HTML, DOM, JSON, and JavaScript injection vulnerabilities.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 1021 |