News & Articles

Our articles and guides on how to protect your startup from cybercriminals

Read about all the security issues that we find during our automated security reviews, and how to solve them.

Latest Articles

X-Backend-Server Header Information Leak

The X-Backend-Server Header Information Leak vulnerability occurs when the application exposes sensitive information about its backend server in the HTTP response headers. Attackers can use this information to launch sophisticated attacks.

Vulnerabilities

Content Security Policy (CSP) Header Not Set

Content Security Policy (CSP) is a security feature that helps prevent code injection attacks by defining and enforcing a whitelist of approved content sources. If the CSP header is not set correctly, attackers can inject malicious scripts into your web application, leading to potential data theft or unauthorized access.

Vulnerabilities

Server Leaks Version Information via 'Server' HTTP Response Header Field

The "Server Leaks Version Information via 'Server' HTTP Response Header Field" vulnerability occurs when the web server leaks information about the software and its version used in the application through the HTTP response header field, making it easier for attackers to find potential weaknesses to exploit.

Vulnerabilities

Server Leaks its Webserver Application via 'Server' HTTP Response Header Field

The "Server Leaks its Webserver Application via 'Server' HTTP Response Header Field" vulnerability is a security issue that allows attackers to identify the technology stack of the web server, including its version and operating system, and use this information to launch further attacks.

Vulnerabilities

HTTP Server Response Header

HTTP Server Response Header is a vulnerability that can be exploited by attackers to gather information about the web server and the software it is running, and launch targeted attacks against the web application.

Vulnerabilities

Viewstate

Viewstate is a feature of ASP.NET web applications that helps maintain the state of the page across postbacks. However, if the Viewstate is not properly protected, it can be easily exploited by attackers to tamper with the state of the application or steal sensitive information.

Vulnerabilities