TRACE method is enabled

Description
  • HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.
Remediation
  • Disable TRACE Method on the web server.
References