Deutsche Version (DE_DE)
English version (EN_US)
Test Methods ( Detailed Overview )
Here is a list of every test performed by Web Scan Service.
HTTP TRACK Method Cross-Site ScriptingRemediation Task
Disable unnecessary componentsWASC ClassificationClient-side Attacks: Cross-site ScriptingAffected ProductsMicrosoft IIS / Potentially possibly on ApacheTechnical DescriptionHTTP TRACK is enabled on the web server. HTTP TRACK request method allows that the data received by the server is sent back to the client. The TRACK method could be used from a malicious user to start a Cross-Site scripting attack.Fix RecommendationThis problem has to be solved in the configuration of the web server: Deactivate TRACK Method.
Technical DescriptionHTTP TRACK is enabled on the web server. HTTP TRACK request method allows that the data received by the server is sent back to the client. The TRACK method could be used from a malicious user to start a Cross-Site scripting attack.Fix RecommendationThis problem has to be solved in the configuration of the web server: Deactivate TRACK Method.
This problem has to be solved in the configuration of the web server: Deactivate TRACK Method.
