1
Application presents detailed error messages when sending malformed requests to the server.
Those messages can expose internal paths or technologies, which can be used for further
attacks.
Allow for implementation of custom error messages with no information about used technologies for platform code
or
have an environment be configurable to only showing minimal error code, maybe even just referencing to the servers own log.
STATUS DETAILS
Needs Votes