Description

The application does not perform proper exception handling. Empty _catch_ statements are found, or _try_ statements without their respective _catch_. This behavior can make the application temporarily or permanently unavailable by presenting errors that are not being handled.

Impact

- Generate the crash of the application due to errors that are not being taken into account. - Lose the traceability of the errors presented.

Recommendation

For every _try_ sentence define its respective _catch_ handling the exception accordingly.

Threat

Authenticated attacker from the Internet.

Expected Remediation Time

⏱️ 40 minutes.

Requirements

Fixes