[ICE-11532] Remove "X-Powered-By: ICEfacesEE" HTTP header - ICEsoft JIRA Issue Tracker

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: EE-3.3.0.GA, EE-4.3.0.GA
Fix Version/s: EE-4.3.0.GA_P04, EE-3.3.0.GA_P10
Component/s: Framework
Labels:
None
Environment:
ICEfaces EE

Description

The "X-Powered-By: ICEfacesEE" HTTP header reveals that the application uses the ICEFacesEE, which may be used to attackers to formulate an attack.

This is considered to be a security vulnerability.

This JIRA is to remove this header from the ICEfaces EE products.

Activity

Ascending order - Click to sort in descending order

Ken Fyten created issue - 10/Mar/22 8:39 AM

Ken Fyten made changes - 10/Mar/22 8:39 AM

Field	Original Value	New Value
Fix Version/s		EE-4.3.0.GA_P04 [ 13876 ]
Fix Version/s		EE-3.3.0.GA_P10 [ 13877 ]

Ken Fyten made changes - 10/Mar/22 8:39 AM

Assignee

Ken Fyten [ ken.fyten ]

Ken Fyten made changes - 12/Oct/22 2:14 PM

Assignee

Ken Fyten [ ken.fyten ]

Arturo Zambrano [ artzambrano ]

Arturo Zambrano made changes - 13/Oct/22 2:54 PM

Status	Open [ 1 ]	Resolved [ 5 ]
Resolution		Fixed [ 1 ]

People

Assignee:

Arturo Zambrano

Reporter:

Ken Fyten

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

10/Mar/22 8:39 AM

Updated:

13/Oct/22 2:54 PM

Resolved:

13/Oct/22 2:54 PM