CWE-536: Servlet Runtime Error Message Containing Sensitive Information


CWE version: 4.18

Last updated: 2025-09-09

Weakness description

A servlet error message indicates that there exists an unhandled exception in your web application code and may provide useful information to an attacker.

Common consequences

Scope: Confidentiality

Technical impact: Read Application Data

Note: The error message may contain the location of the file in which the offending function is located. This may disclose the web root's absolute path as well as give the attacker the location of application files or configuration information. It may even disclose the portion of code that failed. In many cases, an attacker can use the data to launch further attacks against the system.
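
An added illustration, not part of the CWE entry: a servlet that handles its own runtime failure so the container never renders an error page with file paths or a stack trace. The class name, the `name` parameter, and the choice of the `javax.servlet` API with `java.util.logging` are assumptions made for the example.

```java
import java.io.IOException;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet; all names are illustrative only.
public class GreetingServlet extends HttpServlet {
    private static final Logger LOG = Logger.getLogger(GreetingServlet.class.getName());

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String name = req.getParameter("name"); // null when the parameter is absent

        // Validate first: expected bad input becomes a 400, not an exception.
        if (name == null || name.trim().isEmpty() || name.length() > 64) {
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid request");
            return;
        }
        try {
            String greeting = buildGreeting(name.trim());
            resp.setContentType("text/plain;charset=UTF-8");
            resp.getWriter().println(greeting);
        } catch (RuntimeException e) {
            // Stack trace, class names and file locations stay in the server log,
            // keyed by an opaque ID the client can quote to support.
            String errorId = UUID.randomUUID().toString();
            LOG.log(Level.SEVERE, "Unhandled error, id=" + errorId, e);
            if (!resp.isCommitted()) {
                resp.reset(); // drop any partially buffered output
                resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                        "Internal error. Reference: " + errorId);
            }
        }
    }

    // Stand-in for application logic that may throw at runtime.
    private String buildGreeting(String name) {
        return "Hello, " + name.substring(0, 1).toUpperCase() + name.substring(1);
    }
}
```

As a backstop for exceptions no servlet catches, `<error-page>` entries in `web.xml` can map error codes and `java.lang.Throwable` to a static page, so the container's default error output is never shown.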

Modes of introduction

Phase: Implementation
Note: -

Key information

CWE ID: CWE-536

Abstraction: Variant

Structure: Simple

Status: Incomplete

Related weaknesses