Description

The Permissions-Policy header allows developers to selectively enable and disable use of various browser features and APIs.

Remediation

References

Permissions-Policy / Feature-Policy (MDN)

Permissions Policy (W3C)

Related Vulnerabilities

Possible Database Name Disclosure

Multiple Content Security Policy (CSP) Implementation Detected

Apache solr service exposed

Elasticsearch service accessible

Jenkins open user registration

Severity

Info

Classification

CWE-1021 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration