As vulnerability scanning software, we have to constantly develop to keep up with the latest threats and updates. Recently we removed support for the X-XSS-Protection header.
What does the X-XSS-Protection header do?
Why is it being removed?
What browsers still support it?
You can stay up to date with the latest data here: https://github.com/mdn/browser-compat-data.
What to do instead?
Enabling a strong content-security-policy header will offer you protection against XSS. You can read more about enabling security headers here.