CWE for "Misconfigured server allows insecure https request to IP-addressed URL"?
I’m doing a vulnerability assessment for a whole slew of web servers, and almost every single one of them (hundreds) are misconfigured like the following two examples:
Case 1: one or more hostnames resolve to the server’s IP address (let’s… Continue reading CWE for "Misconfigured server allows insecure https request to IP-addressed URL"?