X-Powered-By Header Found

Severity:: Informational

Description

The presence of the X-Powered-By header reveals the technologies used by the web server, providing valuable information to attackers. This disclosure can aid attackers in identifying vulnerabilities and planning their attacks more effectively.

Test for X-Powered-By Header Vulnerability with SmartScanner

Donwload FREE!

Recommendation

To mitigate this issue, configure the web server to stop sending the X-Powered-By header.

References

OWASP: Web Server Security
Mozilla: X-Powered-By
CWE-16
CWE-200
CAPEC-118
OWASP 2021-A1
OWASP 2021-A5

Related Issues

Apache Version Disclosure - Vulnerability
ASP.NET Version Disclosure - Vulnerability
Server Version Disclosure - Vulnerability
PHP Version Disclosure - Vulnerability

Tags:: HTTP Headers; Information Disclosure; Application Misconfiguration; Web Server

Anything's wrong? Let us know Last updated on May 13, 2024