In Page Banner Information Leak
- Risk:
Low
- Type:
- Passive
- CWE:
- CWE-200
- Summary
The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.
- Solution
Configure the server to prevent such information leaks. For example: Under Tomcat this is done via the "server" directive and implementation of custom error pages. Under Apache this is done via the "ServerSignature" and "ServerTokens" directives.
- Other info
- There is a chance that the highlight in the finding is on a value in the headers, versus the actual matched string in the response body.
Microsoft Outlook stops displaying inline SVG images used in attacks
HackerOne paid $81 million in bug bounties over the past year
Brave browser surpasses the 100 million active monthly users mark
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware
Microsoft Defender bug triggers erroneous BIOS update alerts
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware
CVE-2015-7755 Juniper ScreenOS Improper Authentication Vulnerability
CVE-2025-32463 Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability
CVE-2025-59689 Libraesva Email Security Gateway Command Injection Vulnerability
CVE-2013-3893 Microsoft Internet Explorer Resource Management Errors Vulnerability
CVE-2021-21311 Adminer Server-Side Request Forgery Vulnerability
CVE-2022-40139 Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
InformationalNon-Storable Content
Free online web security scanner