Symptom
You have received a report from a Partner or a 3rd Party provides stating that your Career Site shows a vulnerability described as: "Content Security Policy (CPS) Missing" and the recomendation might be to "Enable CPS headers"
Environment
SAP SuccessFactors Recruiting Marketing
Cause
According to our Cyber Security team, the missing CPS does not represent an actual threat to the companies, however, actions are being taken to correct this.
Resolution
Our Development team is working on an Enhancement for RMK which will give the option to add the CPS to the site headers.
If you need assistance from your CSM or support to update you on this development, this is the reference number: RMK-14753
Keywords
Content Security Policy (CPS) Missing, CPS, Vulnerability, CSP Header, RMK, Career Site, CSB , KBA , LOD-SF-RMK-SEC , Security & Vulnerabilities , Problem