Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Open Lakehouse is Now Generally Available! Discover the key highlights and partner resources here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Asim
Partner - Contributor
Partner - Contributor
‎2019-06-11 02:22 AM

Vulnerability Testing

Hi,

In our client site, the network team has reported the following threat found and ask to rectify these.

  1. Netsparker detected a missing X-Frame-Options header which means that this website could be at risk of a clickjacking attack.

  2. Netsparker detected a missing Content-Type header which means that this website could be at risk of a MIME-sniffing attacks.

     

    We are using QV 12.40.20000.0 build and QVWS as the web server. Please help to solve this. 

    Thanks in advance

Labels (1)
Labels
529 Views
0 Likes
1 Reply
tresesco
MVP
MVP
‎2019-06-11 02:32 AM

As far as I remember, similar vulnerabilities I resolved with the help of the same network security team who reported it. It should a basic html page modification. Ask your security team for help. 

525 Views
0 Likes