The X-XSS-Protection response header is one of the major features of almost all famous web browsers to stop cross-site scripting. It stops the pages from loading when they detect reflected cross-site scripting attacks. This application does not have a recognising X-XSS-Protection header. This application is at risk due to its vulnerability to Cross-site Scripting attacks. The value of X-XSS-Protection header only is zero or one.
The major impact for this violation is cross-scripting attacks.
Mitigation / Precaution
Beagle recommends changing the X-XSS-Protection value to 0 or 1.
Check your website security today and
identify vulnerabilities before hackers exploit them.