Content-Security-Policy

We made a Pen-Test and the result show some vulnerability

can you please give me the correct configuration or explay how to ensure your application?

in our case Cross-Site Scripting

and Content-Security-Policy configuration

Questions

Antonio Lorenzini asked Feb 2, 2024 - 4:45 pm

You must login to post comments

Answers (2)

There is no cross site vulnerability in Wisej.NET, nor any other vulnerability to date. Any html sanitation is part of your application. With Wisej being able to run javascript (in a broken img, which is the typical pentest trick, is harmless). In any case, if your app displays html it’s the app’s responsibility.

The other things you mentioned are not vulnerabilities and are not a Wisej specific features. They are standard asp.net.

You can refer to our security page for more information. If you require additional services pls refer to our services page.

https://docs.wisej.com/docs/concepts/security

Luca (ITG) answered Feb 2, 2024 - 5:28 pm

You must login to post comments

Hi Antonio,

Please contact us at support[at]wisej.com .

Best,
Alaa

Alaa (ITG) answered Feb 2, 2024 - 4:48 pm

You must login to post comments

Your Answer

Please login first to submit.

Download Wisej.NET datasheet Printable version (pdf)

Ask questions and get help on the Wisej.NET Forum

Explore Wisej.NET online documentation