
The X-XSS-Protection response header controls the reflected cross-site scripting (XSS) filter that some browsers build in (Internet Explorer, legacy Edge, older Chrome and Safari). When the filter sees script in the response that was copied from the request, the browser either sanitises the page or, in block mode, refuses to render it. This webpage does not send an X-XSS-Protection header, so browsers that still implement the filter fall back to their default behaviour and the application loses a defence-in-depth layer against reflected XSS. Note that the header is a legacy mechanism: Chromium removed its XSS Auditor in Chrome 78, Firefox never implemented a filter, and the header is ignored by those browsers. It therefore must not be the only XSS control; contextual output encoding and a Content-Security-Policy remain the primary defences, and this header is only an extra layer for the browsers that honour it.
    X-XSS-Protection: 0                              # Disables the filter entirely
    X-XSS-Protection: 1                              # Enables filtering. If reflected XSS is detected, the browser sanitises the page
    X-XSS-Protection: 1; mode=block                  # If reflected XSS is detected, the browser won't render the page at all
    X-XSS-Protection: 1; report=<reporting-uri>      # Enables filtering; on detection the browser sanitises and POSTs a report to the URI (Chromium-only extension)
  Recommended value where the header is sent:
      X-XSS-Protection: 1; mode=block
  The impact of this finding is that browsers which still honour the filter give no protection against reflected cross-site scripting on this page; any reflection flaw in the application is exploitable without this extra hurdle.
The mitigation is to send the header with the value 1; mode=block. Do not use a bare value of 1: in sanitise mode the filter selectively disables scripts it thinks are reflected, and that behaviour has itself been abused to switch off legitimate scripts. Because modern Chromium and Firefox ignore the header, treat it as defence in depth only; the underlying reflected XSS must be fixed with contextual output encoding, and a Content-Security-Policy should be deployed alongside it.
PHP
    // Must be called before any output is sent, otherwise the header is silently dropped.
    header("X-XSS-Protection: 1; mode=block");
  Apache (.htaccess)
    # Requires mod_headers to be loaded; "set" replaces any value an upstream handler added.
    <IfModule mod_headers.c>
      Header set X-XSS-Protection "1; mode=block"
    </IfModule>
  Nginx
    # "always" also sends the header on 4xx/5xx responses. Note that add_header is not
    # inherited into a location block that defines its own add_header directives, so
    # repeat it in every such block.
    add_header "X-XSS-Protection" "1; mode=block" always;
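To verify the values listed above and the server configuration you just deployed, the following added example parses the X-XSS-Protection header out of a raw HTTP response and grades it the way a scanner would (missing, disabled, filter, block, malformed). This is illustration code written for this page, not code from the original finding or from any of the servers it configures; it uses only the Python standard library, and the sample responses are constructed, not captured from a real site.

```python
"""Parse and grade the X-XSS-Protection response header.

Added example, not code from the original page. Standard library only.
The raw responses below are constructed for the example, not captured
from a real server.
"""
import re
import urllib.request
from typing import Optional

# Constructed sample responses (not real traffic).
SAMPLE_MISSING = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>no protection header</html>"
)
SAMPLE_BLOCK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-XSS-Protection: 1; mode=block\r\n"
    "\r\n"
    "<html>ok</html>"
)
SAMPLE_REPORT = (
    "HTTP/1.1 200 OK\r\n"
    "x-xss-protection: 1; report=https://example.com/xss-report\r\n"
    "\r\n"
)


def header_value(raw_response: str, name: str) -> Optional[str]:
    """Return the first value of header `name` from raw HTTP response text.

    Accepts CRLF or bare LF line endings; header names compare
    case-insensitively. Returns None when the header is absent.
    """
    head = re.split(r"\r?\n\r?\n", raw_response, maxsplit=1)[0]
    for line in re.split(r"\r?\n", head)[1:]:  # skip the status line
        field, sep, value = line.partition(":")
        if sep and field.strip().lower() == name.lower():
            return value.strip()
    return None


def parse_xss_protection(value: Optional[str]) -> dict:
    """Split an X-XSS-Protection value into its directives.

    Grammar (the values listed on the page): "0" or "1", optionally
    followed by ";"-separated directives mode=block and report=<uri>.
    """
    info = {
        "present": value is not None,
        "enabled": None,   # True/False, or None if absent or malformed
        "mode": None,
        "report": None,
        "unknown": [],     # directives this parser does not recognise
    }
    if value is None:
        return info
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts:
        return info
    if parts[0] in ("0", "1"):
        info["enabled"] = parts[0] == "1"
    else:
        info["unknown"].append(parts[0])
    for directive in parts[1:]:
        key, _, val = directive.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "mode":
            info["mode"] = val.lower()
        elif key == "report":
            info["report"] = val
        else:
            info["unknown"].append(directive)
    return info


def grade(value: Optional[str]) -> str:
    """Classify a header value the way a scanner would report it.

    missing   - header not sent (this page's finding)
    malformed - first token is not 0 or 1
    disabled  - "0"
    filter    - "1" without mode=block: browser sanitises (weaker mode)
    block     - "1; mode=block": the value the page recommends
    """
    info = parse_xss_protection(value)
    if not info["present"]:
        return "missing"
    if info["enabled"] is None:
        return "malformed"
    if not info["enabled"]:
        return "disabled"
    return "block" if info["mode"] == "block" else "filter"


def grade_raw_response(raw_response: str) -> str:
    """Grade the X-XSS-Protection header of a raw HTTP response."""
    return grade(header_value(raw_response, "X-XSS-Protection"))


def grade_url(url: str) -> str:
    """Fetch `url` and grade its header (needs network; not exercised offline)."""
    with urllib.request.urlopen(url) as resp:
        return grade(resp.headers.get("X-XSS-Protection"))


if __name__ == "__main__":
    for label, raw in [("missing", SAMPLE_MISSING), ("block", SAMPLE_BLOCK),
                       ("report", SAMPLE_REPORT)]:
        print(f"{label:8s} -> {grade_raw_response(raw)}")
```

Run it against a live deployment with `grade_url("https://your-host/")` after applying one of the configuration snippets above; a result of anything other than `block` means the header is either absent, disabled, or in the weaker sanitise-only mode. Remember that a `block` result only matters for browsers that still implement the filter; it says nothing about whether the page itself still reflects untrusted input.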