Summary

Acunetix 360 identified a possible Internal Path Disclosure (Windows) in the document.

Impact

There is no direct impact, however this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.

Remediation

Ensure this is not a false positive. Due to the nature of the issue, Acunetix 360 could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.

Severity

Information

Classification

CAPEC-118 CWE-200 HIPAA-164.306(a) 164.308(a) ISO27001-A.8.1.1 WASC-13