The browser is not prevented from inferring the MIME type from the document content and from executing malicious files

Impact area

Security

Severity

Medium

Affected element

Org Config

Rule ID

SF-0163

Impact

Increased vulnerability to code injection attacks by Javascript or StyleSheet code.


Remediation

Enable this setting. From Setup, enter "Session Settings" in the Quick Find box, then select Session Settings. Then enable "Content Sniffing protection".

Time to fix

30 min

What's here


Related content

Org Configuration rules