This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here

Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cross-Site Scripting Attack vulnerability

SBaha
Engaged Sweeper II

yesterday

A recent security scan of our Lansweeper server detected a Cross-site Scripting Attack vulnerability.  Checking Lansweeper knowledge base I found this in a security related document:

X-XSS-Protection: When set to 1, this setting enables the browser's XSS filter, providing an additional layer of defense against cross-site scripting attacks. This setting cannot be altered.

I made this change for LS site in IIS (I am not sure why it says his setting cannot be altered), but the scan still returns the same alert.  Has anyone seen this before and if so, have you been able to resolve the issue?

Labels:
0 Kudos
2 REPLIES 2
DonMario73
Champion Sweeper

yesterday

Hi, can you confirm the LS and IIS version that you are using? Also, the tool that you ran to scan for vulnerabilities?.

Thks 

0 Kudos
SBaha
Engaged Sweeper II
In response to DonMario73

yesterday

IS 10.0.17763.1
LS 11.2.1.2
Scanning is done with Connectsecure

0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now