Private IP Disclosure
- Risk:
Low
- Type:
Passive
- CWE:
CWE-200
- Summary
A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.
- Solution
Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comments instead of HTML/JavaScript comments, which can be seen by client browsers.
- Other info
- 192.168.36.127