Information leakage on django.aspen.io
Unknown
Vulnerability Details
Hi Team,
I got a error message that disclose the version of nginx with OS detail, since The version of nginx is vulnerable to integer overflow.
Impact:
By seeing this information attacker can throw only interger overflow attack in order to get sensitive information
Finally Request you to remove those Information while throwing an error.
Note: I attached POC in the attachment.
Thank you.
Actions
View on HackerOneReport Stats
- Report ID: 272982
- State: Closed
- Substate: not-applicable
- Upvotes: 2