Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: Kiali
Labels:
- auto-marked-stale
- backstage

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

app = express().use(router);
CSRF protection is disabled for your Express app. This allows the attackers to execute requests on a user's behalf.

how fix it

also same line

Disable X-Powered-By header for your Express app (consider using Helmet middleware), because it exposes information about the used framework to potential attackers.

Assignee:: Josune Cordoba Torrecilla

Reporter:: Alberto Jesus Gutierrez Juanes

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/05/27 9:14 AM

Updated:: 2025/06/23 11:18 AM

Resolved:: 2025/06/23 11:18 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates