X-Backend-Server Header Information Leak

Risk:
Low

Type:
Passive

CWE:
CWE-200

Summary: The server is leaking information pertaining to backend systems (such as hostnames or IP addresses). Armed with this information an attacker may be able to attack other systems or more directly/efficiently attack those systems.

Solution: Ensure that your web server, application server, load balancer, etc. is configured to suppress X-Backend-Server headers.

Top Security News

Latest CVE List

Common Alerts

InformationalObsolete Content Security Policy (CSP) Header Found
LowX-Debug-Token Information Leak
HighServer Side Code Injection - PHP Code Injection
HighPath Traversal
InformationalInformation Disclosure - Sensitive Information in URL
HighSQL Injection - PostgreSQL
InformationalSec-Fetch-Mode Header Has an Invalid Value
InformationalStorable and Cacheable Content
LowCSP: Notices
LowFull Path Disclosure

Top CWE List

Free online web security scanner

Don't show website scan report rating on the leaderboard