Summary #

Invicti detected tha the applicaton does not handle uncaught exceptions.

The uncaughtException event is emitted when an uncaught JavaScript exception bubbles all the way back to the event loop. By default, Node.js handles such exceptions by printing the stack trace to stderr and exiting with code 1. It's recommended to implement a handler function for this unhandled event.

Impact #

An attacker can force the web application to terminate by generating an exception.

Actions To Take #

Your web application should implement a handler function for the uncaughtException event.

Classifications #
CWE-248; WASC-14; OWASP 2013-A5; OWASP 2017-A6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo