Hi
We currently have a PCI audit of the Orin Server, and it mentions a vulnerability. We need a solution to remove this vulnerability. We are currently using HTTPS with a certificate (no HTTP service is running on port 80).
Vulnerability Title: Click Jacking
Vulnerability Solution:
Use HTTP X-Frame-Options
Send the HTTP response headers with X-Frame-Options that instruct the browser to restrict framing where it is not allowed.
Service Port:
17799
17791
17778
Vulnerability Proof:
* Running HTTPS service
HTTP request to https://x.x.x.x:17799/
HTTP response code was an expected 200
1: text/html
HTTP header 'Content-Type' was present and matched expectation
HTTP header 'Content-Security-Policy' not present
HTTP header 'X-Frame-Options' not present
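
The header check in the scanner's proof can be reproduced offline to confirm a fix before the re-scan. This is an added example, not part of the original post or of the product's own code; the function names and the sample header sets are hypothetical and constructed for illustration, and it also covers the `frame-ancestors` directive of Content-Security-Policy, which browsers apply in preference to X-Frame-Options.

```python
# Added example: classify a response's anti-framing headers.
# The sample header sets at the bottom are constructed, not captured from a server.
BROAD = {"*", "https:", "http:"}  # sources that allow framing from almost anywhere

def header_values(headers, name):
    """All values for a header name (case-insensitive); headers is a list of pairs."""
    return [v.strip() for k, v in headers if k.lower() == name.lower()]

def frame_ancestors(headers):
    """Source lists of every frame-ancestors directive found in CSP headers."""
    found = []
    for value in header_values(headers, "Content-Security-Policy"):
        for policy in value.split(","):            # comma separates policies
            for directive in policy.split(";"):    # semicolon separates directives
                parts = directive.split()
                if parts and parts[0].lower() == "frame-ancestors":
                    found.append([p.lower() for p in parts[1:]])
                    break                          # first occurrence wins per policy
    return found

def framing_verdict(headers):
    """Return 'deny', 'restricted', 'weak', 'invalid' or 'missing'."""
    lists = frame_ancestors(headers)
    if lists:  # frame-ancestors takes precedence over X-Frame-Options
        if any(not s or s == ["'none'"] for s in lists):
            return "deny"          # an empty source list matches nothing
        if all(BROAD & set(s) for s in lists):
            return "weak"          # every policy allows arbitrary parents
        return "restricted"
    xfo = {t.strip().upper() for v in header_values(headers, "X-Frame-Options")
           for t in v.split(",") if t.strip()}
    if not xfo:
        return "missing"           # the state reported in the audit proof
    if xfo == {"DENY"}:
        return "deny"
    if xfo == {"SAMEORIGIN"}:
        return "restricted"
    if len(xfo) == 1 and next(iter(xfo)).startswith("ALLOW-FROM"):
        return "weak"              # obsolete value, ignored by current browsers
    return "invalid"               # conflicting or unknown values: fix the config

AUDIT_RESPONSE = [("Content-Type", "text/html")]
WITH_XFO = AUDIT_RESPONSE + [("X-Frame-Options", "SAMEORIGIN")]
WITH_CSP = AUDIT_RESPONSE + [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'")]
CONFLICT = [("Content-Security-Policy", "frame-ancestors *"), ("X-Frame-Options", "DENY")]

if __name__ == "__main__":
    for name in ("AUDIT_RESPONSE", "WITH_XFO", "WITH_CSP", "CONFLICT"):
        print(name, "->", framing_verdict(globals()[name]))
```

Every listed service port returns its own responses, so each one needs to pass the check separately.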