HCL Aftermarket EPC is vulnerable to attack since the server is not configured with “X-XSS-Protection" header