What is the Potentially Unsafe HTTP Method Enabled (TRACE) Vulnerability?

The HTTP TRACE method is intended for debugging purposes. If it is enabled, the web server responds to a TRACE request by echoing back, in its response, the exact request it received.

This behavior is usually innocuous, but it can occasionally expose sensitive information, such as internal authentication headers inserted by reverse proxies. Historically, this feature could be used to bypass the HttpOnly flag on cookies; however, this is no longer possible in newer web browsers.
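The check below is an added example, not part of the original page or of any ZOFixer code: it compares a TRACE request with the echoed response to tell whether TRACE is enabled and which headers an intermediary such as a reverse proxy added. The host name, the header names (including the hypothetical `X-Internal-Auth`) and both messages are constructed for illustration.

```python
# Added example: sample messages below are constructed, not captured traffic.

SENT = (b"TRACE / HTTP/1.1\r\n"
        b"Host: app.example.test\r\n"
        b"X-Probe: trace-check\r\n"
        b"\r\n")

# Constructed response: the origin echoes the request as it arrived,
# including headers a reverse proxy added on the way in (hypothetical names).
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: message/http\r\n"
            b"\r\n"
            b"TRACE / HTTP/1.1\r\n"
            b"Host: app.example.test\r\n"
            b"X-Probe: trace-check\r\n"
            b"X-Forwarded-For: 203.0.113.7\r\n"
            b"X-Internal-Auth: REDACTED-PLACEHOLDER\r\n"
            b"\r\n")


def parse_message(raw: bytes):
    """Split a raw HTTP message into (start line, {header: value}, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def analyze_trace(sent: bytes, response: bytes) -> dict:
    """Report whether TRACE is enabled and which headers were added in transit."""
    _, sent_headers, _ = parse_message(sent)
    status_line, _, body = parse_message(response)
    parts = status_line.split()
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    echoed = status == 200 and body.upper().startswith(b"TRACE ")
    if not echoed:  # e.g. 405 Method Not Allowed: TRACE is disabled
        return {"trace_enabled": False, "status": status, "added_headers": []}
    _, echo_headers, _ = parse_message(body)
    added = sorted(set(echo_headers) - set(sent_headers))
    return {"trace_enabled": True, "status": status, "added_headers": added}


if __name__ == "__main__":
    print(analyze_trace(SENT, RESPONSE))
```

Any name in `added_headers` is a header the client never sent but the server echoed back, which is the exposure described above.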

The ZOFixer.com security scan helps to find this vulnerability in your software and server. You can use it by registering on our website and activating the 30-day trial.
