
Vulnerability Assessment Report 365 tenant Applications

Posted on 15 Apr 2024 12:51:18 by

Hello,  

Please advise on the issue below. We developed an app using Power Apps. The Application Security team of the organization has validated the application and shared the concerns below to be addressed immediately.

1. Missing security headers: During the assessment it was observed that the application is not configured with CSP and X-Frame-Options headers.

2. Vulnerable to clickjacking: During the assessment it was observed that the application is vulnerable to clickjacking.

Note: I tried the below, but no luck:

https://learn.microsoft.com/en-us/power-platform/admin/content-security-policy

Does anyone have any idea how this can be handled?

Thank you in advance

-Pardha
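
An added example, not part of the original post: one way to re-check the two reported findings against the response headers an assessment tool receives. The function names, finding labels and sample headers are assumptions constructed for illustration; nothing here reflects how a particular Power Apps tenant responds.

```python
PERMISSIVE = {"*", "http:", "https:"}  # sources that let any origin frame the page

def frame_ancestors(policy):
    """Source list of the frame-ancestors directive in one policy, or None if absent."""
    for directive in policy.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None

def values(headers, name):
    """All comma-separated values of one header, case-insensitive on the name."""
    out = []
    for key, value in headers:
        if key.lower() == name:
            out += [v.strip() for v in value.split(",") if v.strip()]
    return out

def assess(headers):
    """headers: list of (name, value) pairs. Returns the set of findings."""
    findings = set()
    policies = values(headers, "content-security-policy")
    xfo = [v.upper() for v in values(headers, "x-frame-options")]
    if not policies:
        findings.add("missing-csp")
        # A Report-Only policy is reported on but never enforced by the browser.
        if values(headers, "content-security-policy-report-only"):
            findings.add("csp-report-only-not-enforced")
    if not xfo:
        findings.add("missing-x-frame-options")
    ancestors = [a for a in map(frame_ancestors, policies) if a is not None]
    if ancestors:
        # An enforced frame-ancestors makes browsers ignore X-Frame-Options;
        # with several policies, one restrictive list is enough to block framing.
        protected = any(not PERMISSIVE.intersection(a) for a in ancestors)
    else:
        # ALLOW-FROM is obsolete, so only DENY and SAMEORIGIN count.
        protected = any(v in ("DENY", "SAMEORIGIN") for v in xfo)
    if not protected:
        findings.add("clickjacking")
    return findings

if __name__ == "__main__":
    # Constructed sample: a permissive frame-ancestors overrides X-Frame-Options.
    sample = [("Content-Security-Policy", "default-src 'self'; frame-ancestors *"),
              ("X-Frame-Options", "DENY")]
    print(sorted(assess(sample)))
```

The `__main__` sample shows why both headers need to be read together: the X-Frame-Options value looks safe on its own, yet the page can still be framed.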
