Description

The Permissions-Policy header allows developers to selectively enable and disable use of various browser features and APIs.

Remediation

References

Permissions-Policy / Feature-Policy (MDN)

Permissions Policy (W3C)

Related Vulnerabilities

Yii debug mode enabled

ASP.NET WCF service include exception details

Invalid Content Security Policy (CSP) Directive Identified in meta Elements

WordPress readme.html file

TRACE Method enabled

Severity

Info

Classification

CWE-1021 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration