search

geosolutions-it / MapStore2

The solution to create and share maps, dashboards, geostories with 3D support on the web. And it is open-source too!
https://mapstore.geosolutionsgroup.com/
Other
504 stars 388 forks source link

MapStore leaks tomcat version number #10410

Open fvanderbiest opened 3 months ago

fvanderbiest commented 3 months ago

https://mapstore.geosolutionsgroup.com/mapstore/sdsdd displays "Apache Tomcat/9.0.65" This is a security issue, as attackers can see which vulnerabilities to target.

edevosc2c commented 3 months ago

Seems like you can hide it like explained here: https://stackoverflow.com/questions/2266475/which-is-the-best-way-to-mask-hide-tomcat-version-from-error-pages

We should probably include this file in the default Dockerfile.