Session Policy - Enable Content Security Policy

Impact area

Security

Severity

Medium

Affected element

Org Config

Rule ID

SF-0172

Impact

Increased vulnerability to Cross-Site Request Forgery (CSRF) attacks.

Remediation

Enable this setting: from Setup, enter "Session Settings" in the Quick Find box, select Session Settings, and then enable "Enable Stricter Content Security Policy".

Time to fix

30 min

References

This rule is linked to CWE-1021: Improper Restriction of Rendered UI Layers or Frames.

Last modified on Dec 22, 2022