SAP Knowledge Base Article - Preview

3385187 - AS Java Security Vulnerability - The server is not configured to return a 'X-XSS-Protection' header


Third party tool detects security vulnerability that the server is not configured to return a 'X-XSS-Protection' header which means that any pages on this website could be at risk of a Cross-Site Scripting (XSS) attack.



SAP NetWeaver for Application Server Java - all versions


SAP NetWeaver Application Server for Java all versions


KBA , BC-JAS-WEB , Web Container, HTTP, JavaMail, Servlets , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.