![Hiding additional data from response Header - AssetWise ALIM - Wiki - AssetWise ALIM - Bentley Communities Hiding additional data from response Header - AssetWise ALIM - Wiki - AssetWise ALIM - Bentley Communities](https://communities.bentley.com/cfs-file.ashx/__key/communityserver-wikis-components-files/00-00-00-01-63/IIS1.png)
Hiding additional data from response Header - AssetWise ALIM - Wiki - AssetWise ALIM - Bentley Communities
David Longenecker on Twitter: "Still limited to server and win10 versions 2004 and 20H2, but looks like the exposure for the wormable RCE CVE-2021-31166 in http.sys is a lot bigger than initially
![Host Header Attack -> Password Reset Poisoning -> ASP.NET Web API 2 hosted as Azure App Services - Information Security Stack Exchange Host Header Attack -> Password Reset Poisoning -> ASP.NET Web API 2 hosted as Azure App Services - Information Security Stack Exchange](https://i.stack.imgur.com/rusR4.png)
Host Header Attack -> Password Reset Poisoning -> ASP.NET Web API 2 hosted as Azure App Services - Information Security Stack Exchange
![An HTTP header that's mandatory for this request is not specified: One Cause for Azure Error Message | Coding Out Loud An HTTP header that's mandatory for this request is not specified: One Cause for Azure Error Message | Coding Out Loud](https://codingoutloud.files.wordpress.com/2010/10/image_thumb11.png?w=644&h=173)