-
Type:
Bug
-
Status: Closed
-
Priority:
Low
-
Resolution: Cannot Reproduce
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
-
Environment:Production
-
Bug Severity:Medium
-
Level:Admin, Partner
-
Module:BenAdmin - Security
-
Reported by:Harbinger
-
Company:All Clients/Multiple Clients
-
Item State:Development - In Analysis
This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.
For more details please refer attached HTML report.
- relates to
-
NF-2714 Vulnerability Assessment and Penetration Testing for Workterra on Azure US environment.
-
- To Do
-
Hi Prasad Pise,
I am not able to reproduce this 'Yellow Screen of Death' behavior . I observed that tool is giving suggestion based on the client side java script code scan. It is the default behavior of any browser technology that you can view source code in browser.
If you think you can do any malicious thing out of it, please let me know. But this doesn't seems to be vulnerable, and not reproducible manually as well.
See attached screen, which will useful to understand, based on what , ZAP tool has given this suggestion.
Regards,
Santosh