Description

The ASP.NET application trace is enabled. This file contains sensitive information such as Session ID values and physical path to the requested file.

Remediation

Remove this file from your website or change its permissions to remove access.

References

How to: Enable Tracing for an ASP.NET Application

Related Vulnerabilities

WordPress Plugin Swim Team Arbitrary File Download (1.44.1077)

CodeIgniter development mode enabled

WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)

WordPress Plugin Super Refer A Friend Information Disclosure (1.0)

Yii debug mode enabled

Severity

High

Classification

CWE-215 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure