It's all about the answers!

Ask a question

RTC Vulnerability report - Content Type header is missing for specific URLs


Bharath Rao (4064) | asked Aug 19, 3:11 a.m.

 Hi,


We ran a vulnerability test against /ccm and have a reported vulnerability against https://<host>/ccm/web/net.jazz.ajax/.
What is the reason ? How do we address this ?

One answer



permanent link
Bharath Rao (4064) | answered Aug 19, 3:14 a.m.

When we access the URL from the browser, a file with .dms extension is downloaded which is of zero bytes size.

Since there is no content to be displayed, the content-type header is not included in the response. However, the 200 HTTP response only indicates that the request was completed.


Comments
Bharath Rao commented Aug 19, 4:39 a.m.

 This vulnerability can be safely ignored.

Your answer


Register or to post your answer.