Details
Alert Id 10023
Alert Type Passive
Status release
Risk Low
CWE 200
WASC 13
Tags OWASP_2017_A03
OWASP_2021_A01
WSTG-V42-ERRH-01

Summary

The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.

Solution

Disable debugging messages before pushing to production.

References

Code

org/zaproxy/zap/extension/pscanrules/InformationDisclosureDebugErrorsScanRule.java