Question 98 Views Nikhil Agarwal (Nikhil_Agarwal94) Sun Life Financial Company Lead Software Engineer Sun Life Financial Company CA View Profile Send Message Nikhil_Agarwal94 Member since 2019 16 posts Sun Life Financial Company Posted: November 4, 2020 Last activity: November 4, 2020 Posted: 4 Nov 2020 13:38 EST Last activity: 4 Nov 2020 15:30 EST Cross Site Websocket Hijacking security issue Report Hi, We got Cross Site Websocket Hijacking issue flagged in vulnerability scan on prpushservlet. We have disabled it using below DSS. Is this sufficient to secure websockets or do we need to use CSRF? prconfig/operatorpresence/enabled/default prconfig/server-push/enabled/default ***Edited by Moderator Marissa to update Support Case Details*** Pega Platform 8.2.6 Security Insurance Lead System Architect Support Case Exists Reply Likes (2) Share Share this page Facebook Twitter LinkedIn Email Copy link Copying... Copied!