Description

The ASP.NET application trace is enabled. This file contains sensitive information such as Session ID values and physical path to the requested file.

Remediation

Remove this file from your website or change its permissions to remove access.

References

How to: Enable Tracing for an ASP.NET Application

Related Vulnerabilities

WordPress Plugin Gravity Forms Information Disclosure (2.4.8)

WordPress Plugin W3 Total Cache Information Disclosure (0.9.2.4)

PHP register_globals Is Enabled

WordPress configuration file weak file permissions

WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)

Severity

High

Classification

CWE-215 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure