Http X Aspnet Mvc Version Leak
Description
Detects when an ASP.NET MVC application exposes its framework version through the X-AspNetMvc-Version HTTP response header. Disclosing framework versions helps attackers identify potentially vulnerable versions to target for exploitation.
Detection Strategy
• Examines HTTP response headers for presence of X-AspNetMvc-Version header
• Reports a vulnerability if the X-AspNetMvc-Version header is found in the response
• The header value containing the version number is captured as evidence
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.