1. POPFile Mojolicious API Exposed: Security Headers Missing at Core File
A critical security gap has been identified in POPFile's Mojolicious-based API layer. The application's dispatch handler at `POPFile/API.pm:205` fails to set any HTTP security headers, leaving the software exposed to multiple browser-based attack vectors. The code currently lacks six foundational response headers: Con...