Description
When you use static HTML pages (for example, Default.htm), a Content-Location header is added to the response. By default, in Internet Information Server (IIS), the Content-Location references the IP address of the server instead of the Fully Qualified Domain Name (FQDN) or Hostname.
Remediation
Check References for details on how to fix this problem.
Related Vulnerabilities
Unrestricted access to NGINX+ Upstream HTTP interface
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5288)
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.7)
Joomla! Core 3.x.x Information Disclosure (3.4.0 - 3.6.5)
WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)