Story #42

open

Epic #51: Security Points Checking

Server Banner Disclosure

Added by rashmita rout about 2 months ago. Updated about 1 month ago.

Status: New
Priority: Medium
Target version: -
Start date: 01/13/2026
Due date:
% Done: 0%
Estimated time: (Total: 0:00 h)
Acceptance Criteria:

Hide Server version details as they should not be displayed in
the application response.
Additionally, remove the X-Powered-By header as it discloses the
software or technology that the server is running.

DOR: No
Story Points:
Work Type: Feature
User Impact:
Technical Area:
Release Narrative:
Planned Sprint:
Completed In Sprint:
Spillover Reason:

Description

The X-Powered-By header often reveals the underlying technology stack or framework used by the server (e.g., PHP, ASP.NET, Apache, etc.). Attackers can leverage this information to tailor their attacks and exploit vulnerabilities specific to those technologies.


Subtasks 1 (1 open, 0 closed)

Bug #55: Server Banner Disclosure via HTTP Response Headers | New | Tingg Operation | 01/13/2026

Actions #1

Updated by rashmita rout about 2 months ago

  • Assignee set to Tingg BE
Actions #2

Updated by rashmita rout about 1 month ago

  • Parent task changed from #40 to #51
Actions #3

Updated by rashmita rout about 1 month ago

  • Subject changed from Provide User Option to Manage Active Sessions on Password Change to Server Banner Disclosure
  • Assignee changed from Tingg BE to Tingg Operation
  • Acceptance Criteria updated (diff)
Actions #4

Updated by rashmita rout about 1 month ago

  • Description updated (diff)

rashmita rout wrote:

As a user, I want to choose whether to log out from all devices or keep existing sessions active when I change my password.

Actions #5

Updated by rashmita rout about 1 month ago

  • Subtask #55 added