Summary
Acunetix 360 identified a stack trace disclosure (Java) in the target web server's HTTP response.
Impact
An attacker can obtain information such as:
- Tomcat version.
- Physical file path of Tomcat files.
- Information about the generated exception.
Remediation
Apply the following configuration to your
web.xml
file to prevent information leakage by applying custom error pages.<error-page> <error-code>500</error-code> <location>/server_error.html</location> </error-page>