Power Apps - GCC, GCCH, DoD - Federal App Maker...
Unanswered

Vulnerability Assessment Report 365 tenant Applications

Posted on 15 Apr 2024 12:51:18 by

Hello,  

Please suggest on the below. We developed an app using Power Apps. The Application Security team of the organization has validated the application and shared the below concerns to address immediately.

1. Missing security headers: During the assessment it was observed that the application is not configured with CSP and X-Frame-Options headers.

2. Vulnerable to clickjacking: During the assessment it was observed that the application is vulnerable to clickjacking.


Note: I tried the below, but no luck:

https://learn.microsoft.com/en-us/power-platform/admin/content-security-policy

Does anyone have any idea how it can be handled?

Thank you in advance

-Pardha
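
The following is an added example, not part of the original post and not Microsoft's code: a small Python check that evaluates one response's headers for the two findings listed above, so a header change can be verified before asking for a re-test. The function names, finding strings and sample headers are constructed for illustration, and `app.example` is a placeholder host.

```python
# Added example: check a response's headers for the two findings in the post.
PERMISSIVE = {"*", "http:", "https:"}  # frame-ancestors sources that allow any origin

def parse_csp(value):
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            # A repeated directive is ignored; the first occurrence applies.
            policy.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    return policy

def framing_findings(headers):
    """Return findings for one response's headers (a dict of name -> value)."""
    h = {name.lower(): value.strip() for name, value in headers.items()}
    findings = []
    # Content-Security-Policy-Report-Only only reports, so it is not counted.
    csp = h.get("content-security-policy")
    if csp is None:
        findings.append("missing Content-Security-Policy")
    ancestors = parse_csp(csp).get("frame-ancestors") if csp else None
    # An empty frame-ancestors list behaves like 'none'.
    csp_restricts = ancestors is not None and not (PERMISSIVE & set(ancestors))
    xfo = h.get("x-frame-options", "").upper()
    xfo_restricts = xfo in ("DENY", "SAMEORIGIN")
    if not xfo:
        findings.append("missing X-Frame-Options")
    elif not xfo_restricts:
        # ALLOW-FROM is obsolete and ignored by current browsers.
        findings.append("ineffective X-Frame-Options: " + xfo)
    if not (csp_restricts or xfo_restricts):
        findings.append("framing unrestricted (clickjacking)")
    return findings

# Constructed sample responses; app.example is a placeholder host.
SAMPLES = {
    "no headers": {},
    "report-only": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
    "csp without frame-ancestors": {"Content-Security-Policy": "default-src 'self'"},
    "csp with frame-ancestors": {
        "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self' https://app.example"},
    "xfo only": {"X-Frame-Options": "SAMEORIGIN"},
}

if __name__ == "__main__":
    for label, headers in SAMPLES.items():
        print(label, "->", framing_findings(headers) or "ok")
```

A CSP that lacks a `frame-ancestors` directive still leaves framing unrestricted, because `default-src` does not act as a fallback for it.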
