Internal Server Error

Severity: Low
Summary#

Invicti identified an internal server error.

The server responded with an HTTP status 500, indicating there is a server-side error. Reasons may vary, and the behavior should be analyzed carefully. If Invicti is able to find a security issue in the same resource, it will report this as a separate vulnerability.

Impact#
The impact may vary depending on the condition. Generally this indicates poor coding practices, not enough error checking, sanitization and whitelisting. However, there might be a bigger issue, such as SQL injection. If that's the case, Invicti will check for other possible issues and report them separately.
Remediation#
Analyze this issue and review the application code in order to handle unexpected errors; this should be a generic practice, which does not disclose further information upon an error. All errors should be handled server-side only.
Classifications#

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works