Internal Path Disclosure (Windows)

Severity: Information
Summary#

Invicti identified a possible Internal Path Disclosure (Windows) in the document.

Impact#
There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Remediation#
Ensure this is not a false positive. Due to the nature of the issue, Invicti could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.
Invicti

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo