XSS-Protection Header - Cross-Site Scripting
ID: xss-deprecated-header
Severity: info
Author: joshlarsen
Tags: xss,misconfig,generic
Description
Section titled “Description”Setting the XSS-Protection header is deprecated. Setting the header to anything other than 0 can actually introduce an XSS vulnerability.
YAML Source
Section titled “YAML Source”id: xss-deprecated-header
info: name: XSS-Protection Header - Cross-Site Scripting author: joshlarsen severity: info description: Setting the XSS-Protection header is deprecated. Setting the header to anything other than `0` can actually introduce an XSS vulnerability. reference: - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection - https://owasp.org/www-project-secure-headers/#x-xss-protection classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0 metadata: max-request: 1 tags: xss,misconfig,generic
http: - method: GET path: - "{{BaseURL}}"
matchers-condition: and matchers: - type: regex part: header regex: - "(?i)x-xss-protection: 0" negative: true
- type: regex part: header regex: - "(?i)x-xss-protection: 1+"
extractors: - type: kval part: header kval: - x_xss_protection# digest: 490a004630440220530bb9267a1aa3b658dbeb9ffcb7e100a4ec8febe5c7a5af11d2c6abbeb38f22022070cb1ddbb2959925081896be62b28e5f354e6bd9df2c32dcc5e74687aaab79c8:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/misconfiguration/xss-deprecated-header.yaml"