Vulnerabilities/

X-Powered-By Header Found

Severity:: Informational

Description

The presence of the X-Powered-By header reveals the technologies used by the web server, providing valuable information to attackers. This disclosure can aid attackers in identifying vulnerabilities and planning their attacks more effectively.

Recommendation

To mitigate this issue, configure the web server to stop sending the X-Powered-By header.

References

OWASP: Web Server Security
Mozilla: X-Powered-By
CWE-16
CWE-200
CAPEC-118
OWASP 2021-A5

Related Issues

ASP.NET Version Disclosure - Vulnerability
Missing or Insecure Cache-Control Header - Vulnerability
PHP Version Disclosure - Vulnerability
X-Content-Type-Options Header is Missing - Vulnerability

Tags:: HTTP Headers; Information Disclosure; Application Misconfiguration; Web Server

Anything's wrong? Let us know Last updated on May 13, 2024