Hi ,
I am a security researcher. I have discovered some of the bugs in your website which i have listed it below:
1 TRACE method is enabled
Description:
HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.
Impact:
Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.
2 OPTIONS method is enabled
Description:
HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the web server, it represents a request for information about the communication options available on the request/response chain identified by the Request-URI.
Impact:
The OPTIONS method may expose sensitive information that may help an malicious user to prepare more advanced attacks.
Hi , I am a security researcher. I have discovered some of the bugs in your website which i have listed it below:
1 TRACE method is enabled
Description: HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.
Impact:
Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.
2 OPTIONS method is enabled
Description: HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the web server, it represents a request for information about the communication options available on the request/response chain identified by the Request-URI.
Impact:
The OPTIONS method may expose sensitive information that may help an malicious user to prepare more advanced attacks.
Please fix the bugs as soon as possible.
Thank you.