Update xss-deprecated-header.yaml
parent
b1833adc69
commit
7c7b0a7479
|
@ -3,12 +3,12 @@ id: xss-deprecated-header-detect
|
|||
info:
|
||||
name: Detect Deprecated XSS Protection Header
|
||||
author: joshlarsen
|
||||
severity: low
|
||||
severity: info
|
||||
description: Setting the XSS-Protection header is deprecated by most browsers. Setting the header to anything other than `0` can actually introduce an XSS vulnerability.
|
||||
reference:
|
||||
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
||||
- https://owasp.org/www-project-secure-headers/#x-xss-protection
|
||||
tags: xss,misconfig
|
||||
tags: xss,misconfig,generic
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
Loading…
Reference in New Issue