Vulnerbility Scan finds issue
Hello,
Our DC Server is being detected as having a ClickJacking vulnerbility. Does Manage Engine have a fix for this vulnerbility?
Description:
The remote web server does not set an X-Frame-Options response header in all content responses.
X-Frame-Options has been proposed by Microsoft as a way to mitigate clickjacking attacks and is currently supported by all major browser vendors.
Resolution:
Return the X-Frame-Options HTTP header with the page's response.
This prevents the page's content from being rendered by another site when using the frame or iframe HTML tags.
Reference:
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Thank you in advance - Corey
New to ADSelfService Plus?