rbeckman-nextgen / test-mc3

0 stars 0 forks source link

Mirth API Call Returns Stack Trace - Providing debugging information as a result of operations that generate errors is considered a bad practice due to multiple reasons #4325

Open rbeckman-nextgen opened 4 years ago

rbeckman-nextgen commented 4 years ago

Mirth API Calls can return stack traces. This is considered a bad practice by the OWASP. https://www.owasp.org/index.php/Testing_for_Stack_Traces_(OTG-ERR-002)

Steps

  1. https://127.0.0.1:8443/api/#
  2. Login
  3. POST /users - Body: test
  4. POST /users - Body: test

Imported Issue. Original Details: Jira Issue Key: MIRTH-4470 Reporter: michaelleehobbs Created: 2019-10-27T14:24:08.000-0700