Details | |
---|---|
Alert ID | 10052 |
Alert Type | Passive |
Status | release |
Risk | Medium |
CWE | 532 |
WASC | 13 |
Technologies Targeted | All |
Tags |
CWE-532 OWASP_2017_A03 OWASP_2021_A04 POLICY_PENTEST POLICY_QA_STD WSTG-V42-INFO-05 |
More Info |
Scan Rule Help |
Summary
The server is leaking information through the X-ChromeLogger-Data (or X-ChromePhp-Data) response header. The content of such headers can be customized by the developer, however it is not uncommon to find: server file system locations, vhost declarations, etc.