diff --git a/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java b/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
index 6e7f699..ad7ec53 100644
--- a/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
+++ b/jeeutil/src/main/java/de/muehlencord/shared/jeeutil/OwaspStandardFilter.java
@@ -46,6 +46,9 @@ public class OwaspStandardFilter implements Filter {
 HttpServletResponse res = (HttpServletResponse) response;
 // X-FRAME-OPTIONS: Clickjacking protection: "deny" - no rendering within a frame, "sameorigin" - no rendering if origin mismatch
 res.addHeader("X-FRAME-OPTIONS", mode);
+
+ // Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.
+ res.addHeader("X-XSS-Protection", "1");
 // X-Content-Type-Options the only defined value, "nosniff",
 // The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.