Details
Alert Id 10061
Alert Type Passive Scan Rule
Status release
Risk
CWE
WASC

Summary

Server leaks information via “X-AspNet-Version”/“X-AspNetMvc-Version” HTTP response header field(s).

Solution

Configure the server so it will not return those headers.

References

Code

org/zaproxy/zap/extension/pscanrules/XAspNetVersionScanRule.java