1

Application presents detailed error messages when sending malformed requests to the server.

Those messages can expose internal paths or technologies, which can be used for further

attacks.


Allow for implementation of custom error messages with no information about used technologies for platform code

or

have an environment be configurable to only showing minimal error code, maybe even just referencing to the servers own log.

Category: General
STATUS DETAILS
Needs Votes