Sensitive information disclosure via response headers on jenkins.brew.sh
Low
Vulnerability Details
While logging into jenkins.brew.sh site, the vulnerable nginx version is disclosed via response headers.
There is a chance with known vulnerabilities this could be compromised. so better to avoid banner disclosure with "Server Tokens Prod off" modification in conf file.
Please let me know if any further information is required.
Regards,
Mr_R3boot.
Actions
View on HackerOneReport Stats
- Report ID: 222063
- State: Closed
- Substate: duplicate
- Upvotes: 1