User-190152932 posted
I have a standard C# MVC project it is live and we have an open bug bounty program, a user has mentioned we are showing a Version information leak using headers, as in they can see:
X-AspNet-Version: 4.0.30319
They have said:
"The version of aspnet is leaked. Which will help attacker to find vulnerable CVEs and exploit the vulnerability"
I should be aiming to not show this, I have my site hosted with an external company so my question is how do I not show this to external users? Any know thanks in advance :)