Technical information leak - Stacktrace
Description
Errors or exceptional events are not properly handled by the application allowing an attacker to disclose technical information from system error traces:
Impact
Exhibit technical information of the system.
Recommendation
- Remove functions that print technical information such as PrintStacktrace from the source code - Handle errors with typified exceptions and store them in duly protected logs
Threat
Internal attacker with access to the server console.
Expected Remediation Time
⏱️ 15 minutes.