Browser open *.http objects instead of download them.
XSS flaws occur when an application includes user supplied data in a page sent to the browser without properly validating or escaping that content
Cross-Site Scripting attacks are a type of injection attack, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
Affected URL:
/horizon/project/containers/
Fix: browser should download but not open *.http objects
Browser open *.http objects instead of download them.
XSS flaws occur when an application includes user supplied data in a page sent to the browser without properly validating or escaping that content
Cross-Site Scripting attacks are a type of injection attack, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
Affected URL: project/ containers/
/horizon/
Fix: browser should download but not open *.http objects