Content Security Policy is a security standard. It was introduced to protect from cross-site scripting and other injection attacks. This is achieved by restricting data access from different sources. Content Security Policy is the second layer of protection from Cross-site Scripting and related attacks. This application uses an Unsafe Content Security Policy Directive unsafe-eval. This vulnerability allows the use of string evaluation functions like eval. This may lead to the attacker to bypass Content Security Policy and exploits a Cross-site Scripting vulnerability successfully.
This vulnerability leads to cross-site scripting and related attacks.
Beagle recommends the following impacts:-