Internal Path Disclosure (Windows)

Severity: Information

Invicti identified a possible Internal Path Disclosure (Windows) in the document.

There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Ensure this is not a false positive. Due to the nature of the issue, Invicti could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works