Session Policy - Enable Content Security Policy
Impact area
Security
Severity
Medium
Affected element
Org Config
Rule ID
SF-0172
Impact
Increased vulnerability to Cross-Site Request Forgery (CSRF) attacks.
Remediation
Enable this setting: from Setup, enter "Session Settings" in the Quick Find box, select Session Settings, then enable "Enable Stricter Content Security Policy".
Time to fix
30 min
References
This rule is linked to CWE-1021: Improper Restriction of Rendered UI Layers or Frames.