Multiple X-Frame-Options Header Entries
- Risk:
Medium
- Type:
- Passive
- CWE:
- CWE-1021
- Summary
X-Frame-Options (XFO) headers were found, a response with multiple XFO header entries may not be predictably treated by all user-agents.
- Solution
Ensure only a single X-Frame-Options header is present in the response.
- References
Top Security News
Common Alerts
HighOut of Band XSS
InformationalSec-Fetch-Mode Header Has an Invalid Value
InformationalNon-Storable Content
InformationalPossible Username Enumeration
InformationalSec-Fetch-Site Header Has an Invalid Value
MediumDirectory Browsing
Top CWE List
Free security scan for your website