Error Message (ASP.NET)
- PCI 3.2-6.5.5
- OWASP 2013-A5
Application error or warning messages may expose sensitive information about an application's internal workings to an attacker. The message may also contain the location of the file that produced an unhandled exception.
Remediation
Verify that this page is disclosing error or warning messages and properly configure the application to log errors to a file instead of displaying the error to the user.
References
Go Back to List
Search Vulnerability
You may also see
- Error Message (PHP)
- Error Message (MySQL)
- Error Message (ASP.NET)
- Error Message (SQLite)
- Long Redirect Response
- Error Message
- Stack Trace
- Internal Path
- Not Secure Cookie
- Not Http-Only Cookie
- Sensitive Data in Query String
- Sensitive Data over HTTP
- Server Error
- Source Code Disclosure
- Information Leakage
- Web Backdoor
- Database Connection String
- Autocomplete Enabled
- Undefined Content-Type Header
- Missing X-Frame-Options Header
- Mixed Content
- Insecure iFrame
- XPath Injection
- Basic Authentication over HTTP
- Forbidden Resource
- Multiple Choices Enabled
- Apache MultiViews Enabled