Detail

Internal Path Disclosure (Windows)

Severity: Information

Summary #

Invicti identified a possible Internal Path Disclosure (Windows) in the document.

Impact #
There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Remediation #
Ensure this is not a false positive. Due to the nature of the issue, Netsparker could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.
Classifications #
CAPEC-118; CWE-200; HIPAA-164.306(a), 164.308(a); ISO27001-A.8.1.1; WASC-13; OWASP PC-C7
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Invicti Security Corp
220 Industrial Blvd Ste 102
Austin, TX 78745

© Invicti 2022

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Invicti 2022

SSA Privacy Policy California Privacy Rights Terms of Use Accessibility Sitemap