Parameter Tampering

Type: Active Scan

Risk: Medium


Parameter manipulation caused an error page or Java stack trace to be displayed. This indicated lack of exception handling and potential areas for further exploit.


Identify the cause of the error and fix it. Do not trust client side input and enforce a tight check in the server side. Besides, catch the exception properly. Use a generic 500 error page for internal server error.

CWE: 472

WASC: 20


Last updated: 2020-04-30 16:12:39.623Z