Description

HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.

Remediation

Disable TRACE Method on the web server.

References

Related Vulnerabilities