Netsparker identified a Windows username disclosure in the error message.
Impact
An attacker can perform brute-force or dictionary-based password guessing on the disclosed username. It may also help the attacker identify other vulnerabilities or further their exploitation of other identified vulnerabilities.
Remediation
Error messages should be disabled.
Remove this kind of sensitive data from the output.