/alerttags/wstg-v42-info-02/ Recent content in WSTG-V42-INFO-02 on ZAP Hugo en-us /docs/alerts/50007-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/50007-2/ <p>The server is using &ldquo;Example GraphQL Engine&rdquo;, which is a GraphQL implementation for &ldquo;Example Technology 1&rdquo; and &ldquo;Example Technology 2&rdquo;.</p> /docs/alerts/10009/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10009/ <p>The server returned a version banner string in the response content. Such information leaks may allow attackers to further target specific issues impacting the product and version in use.</p> /docs/alerts/10036-1/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10036-1/ <p>The web/application server is leaking the application it uses as a webserver via the &ldquo;Server&rdquo; HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to. This information alone, i.e. without a version string, is not very dangerous for the security of a server, nevertheless this information in the response header field is almost always useless and thus just an obsolete attacking vector.</p> /docs/alerts/10036-2/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10036-2/ <p>The web/application server is leaking version information via the &ldquo;Server&rdquo; HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.</p> /docs/alerts/10039/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/10039/ <p>The server is leaking information pertaining to backend systems (such as hostnames or IP addresses). Armed with this information an attacker may be able to attack other systems or more directly/efficiently attack those systems.</p>