Running PAM 04.3.05 CP06
Main issue:
Missing or insecure "X-Content-Type-Options" header
Proposed Solution:
Configure your server to send the "X-Content-Type-Options" header with value "nosniff" on all outgoing requests
Port: 443
CWE: 200
Release : 4.3
CA Process Automation
Modify web.xml at <Install_Dir>\server\c2o\ext-
<init-param>
<param-name>X-Content-Type-Options</param-name>
<param-value>nosniff</param-value>
</init-param>