Injection: CSP Bypass via Input Injection¶
Identifier:
improper_input_csp_bypass
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
Content Security Policy bypass via input injection occurs when user-supplied data is reflected in the page or response headers without adequate sanitization, allowing attackers to inject a weakened CSP policy via meta tags or overwrite existing CSP headers.
How we test: We inject CSP bypass payloads into available form inputs on the active page state, then inspect the response HTML for injected meta CSP tags and monitor response headers via network listeners for weakened or overwritten Content-Security-Policy values.
References:
- https://portswigger.net/web-security/cross-site-scripting/content-security-policy
- https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.