Internal Directory or File Path Leakage on Unix / Linux System
Netsparker identified a possible internal path disclosure (*nix) in the document.
There is no direct impact; however, this information can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
First, ensure this is not a false positive. Due to the nature of the issue, Netsparker could not confirm that this file path was actually the real file path of the target web server.
- Error messages should be disabled.
- Remove this kind of sensitive data from the output.