Parameter Tampering
- Risk:
Medium
- Type:
- Active
- CWE:
- CWE-472
- Summary
Parameter manipulation caused an error page or Java stack trace to be displayed. This indicated lack of exception handling and potential areas for further exploit.
- Solution
Identify the cause of the error and fix it. Do not trust client side input and enforce a tight check in the server side. Besides, catch the exception properly. Use a generic 500 error page for internal server error.
Free security scan for your website