Summary #

Invicti identified an internal server error.

The server responded with an HTTP status 500, indicating there is a server-side error. Reasons may vary, and the behavior should be analyzed carefully. If Invicti is able to find a security issue in the same resource, it will report this as a separate vulnerability.

Impact #
The impact may vary depending on the condition. Generally this indicates poor coding practices, not enough error checking, sanitization and whitelisting. However, there might be a bigger issue, such as SQL injection. If that's the case, Netsparker will check for other possible issues and report them separately.
Remediation #
Analyze this issue and review the application code in order to handle unexpected errors; this should be a generic practice, which does not disclose further information upon an error. All errors should be handled server-side only.
Classifications #
CWE-550; ISO27001-A.14.1.2; WASC-13

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo