Missing X-XSS-Protection Header
Severity: Best Practice
Summary
Netsparker detected a missing X-XSS-Protection header which means that this website could be at risk of a Cross-site Scripting (XSS) attacks.
Impact
This issue is reported as additional information only. There is no direct impact arising from this issue.
Remediation
Add the X-XSS-Protection header with a value of "1; mode= block".
-
X-XSS-Protection: 1; mode=block
Netsparker Security Insights
Helpful Use Cases
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
