PCI v3.2-6.5.5
CAPEC-118
CWE-210
HIPAA-164.306(a), 164.308(a)
ISO27001-A.18.1.3
WASC-13
OWASP 2013-A5
OWASP 2017-A6

Programming Error Message

Severity:
Low
Summary

Invicti identified a Programming Error Message.

Impact

The error message may disclose sensitive information and this information can be used by an attacker to mount new attacks or to enlarge the attack surface. Source code, stack trace, etc. data may be disclosed. Most of these issues will be identified and reported separately by Invicti.

Remediation

Do not provide error messages on production environments. Save error messages with a reference number to a backend storage such as a log, text file or database, then show this number and a static user-friendly error message to the user.

Required Skills for Successful Exploitation
Actions To Take
Classifications
PCI v3.2-6.5.5
CAPEC-118
CWE-210
HIPAA-164.306(a), 164.308(a)
ISO27001-A.18.1.3
WASC-13
OWASP 2013-A5
OWASP 2017-A6
Vulnerability Index

You can search and find all vulnerabilities

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Related Vulnerabilities

Featured resources

No items found.
No items found.
View all resources

Build your resistance to threats. And save hundreds of hours each month.

Get a Demo