wathne / dat250-2024-assignment

MIT License
0 stars 0 forks source link

Application Error Disclosure #2

Open LisaCabot opened 1 week ago

LisaCabot commented 1 week ago

Description: The page has an error message that discloses sensitive information, like parts of the code. Potential Impact: It can be used to further attack the site, using the information to launch, for example, an SQL injection. The impact depends on what attack we use after finding this information. Affected part of the application: Backend Type of vulnerability: Exposure of Sensitive Information to an Unauthorized Actor (https://cwe.mitre.org/data/definitions/200.html)