← Back to Findings

info Information Disclosure - Debug Error Messages

Details

Severityinfo
StatusOpen
Enginezap
Target URLhttps://easm.liifecore.com/settings
First Seen2026-07-14 03:00:20 UTC
Last Seen2026-07-14 03:00:20 UTC
CWECWE-1295

Description

The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.

Evidence

Internal Server Error

Raw Output

{
  "alert": "Information Disclosure - Debug Error Messages",
  "alertRef": "10023",
  "attack": "",
  "confidence": "Medium",
  "cweid": "1295",
  "description": "The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.",
  "evidence": "Internal Server Error",
  "id": "74",
  "inputVector": "",
  "messageId": "175",
  "method": "GET",
  "name": "Information Disclosure - Debug Error Messages",
  "other": "",
  "param": "",
  "pluginId": "10023",
  "reference": "",
  "risk": "Low",
  "solution": "Disable debugging messages before pushing to production.",
  "sourceMessageId": 175,
  "sourceid": "3",
  "tags": {
    "CWE-1295": "https://cwe.mitre.org/data/definitions/1295.html",
    "OWASP_2017_A03": "https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure.html",
    "OWASP_2021_A01": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/",
    "POLICY_PENTEST": "",
    "WSTG-v42-ERRH-01": "https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/01-Testing_For_Improper_Error_Handling"
  },
  "url": "https://easm.liifecore.com/settings",
  "wascid": "13"
}

Update Status