diff --git a/lib/helpers/isValidXss.js b/lib/helpers/isValidXss.js
index 5ca04300d6..951240ee62 100644
--- a/lib/helpers/isValidXss.js
+++ b/lib/helpers/isValidXss.js
@@ -1,7 +1,7 @@
 'use strict';
 module.exports = function isValidXss(requestURL) {
- var xssEventRegex = /(\b)on(click|error|load|mouse\w+|key\w+|focus\w?|blur|change|input|drag\w?|resize|dbclick|contextmenu|drop|select|message)=/
+ var xssEventRegex = /(\b)on(click|error|load|mouse\w+|key\w+|focus\w?|blur|change|input|drag\w?|resize|dbclick|contextmenu|drop|select|message|scroll)=/;
 var xssJSRegex = /javascript|(<\s*)(\/*)script/gi;
 return xssJSRegex.test(requestURL) || xssEventRegex.test(requestURL);
 };
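Review bot: The new `xssEventRegex` line still has no `i` flag and still lists `dbclick` where the DOM event is `dblclick`, so the check is case-sensitive and the double-click handler is never matched, although HTML attribute names are case-insensitive. Both can be fixed on the line this commit already touches: spell the alternative `dblclick` and end the pattern with `\s*=/i`, which also tolerates whitespace before the `=`. More generally, the list is a denylist that needs a new commit for every handler name it lacks, as this `scroll` addition shows, so I would add a comment such as `// Best-effort heuristic only; callers must still encode output at the sink.` above it. The name `isValidXss` returns `true` when a pattern is found, which reads as the opposite of "valid", so a one-line JSDoc stating the return meaning would help callers.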