The X-XSS-Protection response header is one of the major feature of Internet Explorer, Chrome and Safari to stop cross-site scripting. It stops the pages from loading, when they detect reflected cross-site scripting attacks. In this webpage X-XSS-Protection header is not found.The X-XSS-Protection header is designed to enable the cross-site scripting filter, which is builtin to modern web browsers.This vulnerablility exposes the application to a Cross site Scripting attacks.
The major impact for this violation is cross-scripting attacks.
Mitigation / Precaution
The only mitigation is to enable the X-XSS-Protection and set the value to 1.
Check your website security today and
identify vulnerabilities before hackers exploit them.