CWE-211
Externally-Generated Error Message Containing Sensitive Information
The product performs an operation that triggers an external diagnostic or error message that is not directly generated or controlled by the product, such as an error generated by the programming language interpreter that a software application uses. The error can contain sensitive system information.
Official CWE-211 definition at MITREImpactr finds and proves weaknesses like CWE-211 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist