Internal Path Disclosure (Windows)

Severity: Information

Summary#

Invicti identified a possible Internal Path Disclosure (Windows) in the document.

Impact#

There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.

Remediation#

Ensure this is not a false positive. Due to the nature of the issue, Invicti could not confirm that this file path was actually the real file path of the target web server.

Error messages should be disabled.
Remove this kind of sensitive data from the output.

Classifications#

CAPEC-118, CWE-200, WASC-13, ISO27001-A.8.1.1, HIPAA-164.306(a), 164.308(a)

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

Related Vulnerabilities