found a vulnerability in your website

the vulnerability in your website is something called clickjacking or x-frame options header not set . when X-frame options header is not included in the HTTP the attacker can attack your website by clickjacking. so what is x-frame options? The X-Frame-Options HTTP response header can be used to indicate whether or no a browser should be allowed to render a page in a <frame>, <iframe> or <object> . Sites can use this to avoid by clickjacking attacks. by ensuring that their content is not embedded into other sites. and what is clickjacking? clickjacking is a malicious technique of tricking a web user into clicking on something different from what the user perceives they are clicking on.