Severity: Low
Netsparker identified a version disclosure (ASP.NET MVC framework) in target web server's HTTP response.
This information can help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of ASP.NET MVC framework.
X-AspNetMvc-Version
header of its HTTP response by adding the following code to the Application_Start()
function in Global.asax.cs
:
MvcHandler.DisableMvcResponseHeader = true;