nuclei-templates/miscellaneous/missing-x-frame-options.yaml

19 lines
353 B
YAML
Raw Normal View History

2020-08-20 19:17:46 +00:00
id: missing-x-frame-options
info:
name: Clickjacking (Missing XFO header)
author: kurohost
severity: low
2021-04-01 18:35:08 +00:00
tags: misc
2020-08-20 19:17:46 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
max-redirects: 2
matchers:
- type: dsl
dsl:
- "!contains(tolower(all_headers), 'x-frame-options')"