Description

The server is missing the X-Content-Type-Options HTTP header.

Impact

Execute MIME sniffing attacks to obtain technical information and craft new attack vectors.

Recommendation

Set the X-Content-Type-Options header to nosniff in the server responses.

Threat

Unauthorized attacker from Internet network.

Expected Remediation Time

⏱️ 30 minutes.

Requirements

Fixes