Question 140 Views Nikhil Agarwal (Nikhil_Agarwal94) Sun Life Financial Company Nikhil Agarwal Sun Life Financial Company CA View Profile Send Message Nikhil_Agarwal94 Member since 2019 16 posts Sun Life Financial Company Posted: November 4, 2020 Last activity: November 4, 2020 Posted: 4 Nov 2020 13:38 EST Last activity: 4 Nov 2020 15:30 EST Closed Cross Site Websocket Hijacking security issue Report Hi, We got Cross Site Websocket Hijacking issue flagged in vulnerability scan on prpushservlet. We have disabled it using below DSS. Is this sufficient to secure websockets or do we need to use CSRF? prconfig/operatorpresence/enabled/default prconfig/server-push/enabled/default ***Edited by Moderator Marissa to update Support Case Details*** Pega Platform 8.2.6 Security Insurance Lead System Architect Support Case Exists Likes (2) Share Share this page Facebook Twitter LinkedIn Email Copy link Copying... Copied! Moderation Team has archived post, learn more This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.