CWE-756Missing Custom Error Page

PUBLISHEDweakness record
released 2009-03-10 · last modified 2026-04-30

Metadata

CWE ID:
CWE-756
摘要:
Base
结构:
Simple
状态:
Incomplete
发布日期:
2009-03-10
更新日期:
2026-04-30

名称

Missing Custom Error Page

描述

The product does not return custom error pages to the user, possibly exposing sensitive information.

常见后果

范围:
Confidentiality
影响:
Read Application Data
注释:
Attackers can leverage the additional information provided by a default error page to mount attacks targeted on the framework, database, or other resources used by the application.

相关 CWE