Details
Alert Id 10061
Alert Type Passive
Status release
Risk Low
CWE 933
WASC 14
Tags OWASP_2017_A06
OWASP_2021_A05
WSTG-V42-INFO-08

Summary

Server leaks information via “X-AspNet-Version”/“X-AspNetMvc-Version” HTTP response header field(s).

Solution

Configure the server so it will not return those headers.

References

Code

org/zaproxy/zap/extension/pscanrules/XAspNetVersionScanRule.java