Closed Sajibekanti closed 7 years ago
I've filed an issue for the infrastructure team.
Reward or Credit ?
Sorry, we don't do that.
So I Can Get Credit
I'm not sure what you mean. Do you want us to publicly acknowledge your report?
yes you understood
Hello I am Sajibe kanti I Have Found A Bug on your Web .
Vulnerability : Nginx version disclosure via forbidden Page
This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Nginx.
Impact: An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.
Steps to reproduce:
Go to http://jqueryui.com/jquery-wp-content/themes/jqueryui.com/i/
Now the nginx version shows in bottom.
Reference : https://hackerone.com/reports/194319
Thanks Sajibe Kanti