Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

RTC Vulnerability report - Content Type header is missing for specific URLs

 Hi,


We ran a vulnerability test against /ccm and have a reported vulnerability against https://<host>/ccm/web/net.jazz.ajax/.
What is the reason ? How do we address this ?

0 votes



One answer

Permanent link

When we access the URL from the browser, a file with .dms extension is downloaded which is of zero bytes size.

Since there is no content to be displayed, the content-type header is not included in the response. However, the 200 HTTP response only indicates that the request was completed.

0 votes

Comments

 This vulnerability can be safely ignored.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,487

Question asked: Aug 19 '19, 3:11 a.m.

Question was seen: 2,049 times

Last updated: Aug 19 '19, 4:39 a.m.

Confirmation Cancel Confirm