Protection against reflected cross-site scripting attacks is disabled
Impact area
Security
Severity
Medium
Affected element
Org Config
Rule ID
SF-0165
Impact
Increased vulnerability to cross-site scripting attacks.
Remediation
Enable this setting. From Setup, enter "Session Settings" in the Quick Find box, then select Session Settings. Then enable "XSS protection".
Time to fix
30 min
This rule is linked to Common Weakness Enumeration CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').