Multiple X-Frame-Options Header Entries
- Risk:
Medium
- Type:
- Passive
- CWE:
- CWE-1021
- Summary
X-Frame-Options (XFO) headers were found, a response with multiple XFO header entries may not be predictably treated by all user-agents.
- Solution
Ensure only a single X-Frame-Options header is present in the response.
- References
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Fake Microsoft Teams installers push Oyster malware via malvertising
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
Windows 11 KB5065789 update released with 41 changes and fixes
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More
Microsoft will offer free Windows 10 extended security updates in Europe
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
CVE-2015-7755 Juniper ScreenOS Improper Authentication Vulnerability
CVE-2025-32463 Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability
CVE-2018-8174 Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
CVE-2024-8068 Citrix Session Recording Improper Privilege Management Vulnerability
CVE-2025-59689 Libraesva Email Security Gateway Command Injection Vulnerability
CVE-2013-3893 Microsoft Internet Explorer Resource Management Errors Vulnerability
Free online web security scanner