Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Feb 25, 2016

Scanned with HP Web Inspect

My web app was recently DAST scanned and one of the vulnerabilities was "Missing Cross-Frame Scripting Protection".. Does the ASM protect against that? if not can someone explain?

ASM Advanced WAF

1 Reply

Erik_Novak
Employee
Feb 25, 2016
This is an interesting situation that occurs from time to time when the description of a vulnerability discovered by a scanner is slightly different than the wording for an ASM violation. ASM would most likely mitigate this vulnerability by either applying cross site scripting signatures, or by suggesting that you turn on Cross Site Request Forgery protection, or both.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5