Parameter Tampering
- Risk:
Medium
- Type:
- Active
- CWE:
- 472
- Summary
- Parameter manipulation caused an error page or Java stack trace to be displayed. This indicated lack of exception handling and potential areas for further exploit.
- Solution
- Identify the cause of the error and fix it. Do not trust client side input and enforce a tight check in the server side. Besides, catch the exception properly. Use a generic 500 error page for internal server error.