Details
Alert Id 10023
Alert Type Passive Scan Rule
Status release
Risk
CWE
WASC

Summary

The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.

Solution

Disable debugging messages before pushing to production.

References

Code

org/zaproxy/zap/extension/pscanrules/InformationDisclosureDebugErrorsScanRule.java