Parameter Tampering

ID

parameter_tampering

Severity

high

Kind

Injection

CWE

472

Description

Parameter manipulation caused an error page or Java stack trace to be displayed. This indicates a lack of exception handling and points to code paths that merit further investigation.

Rationale

Parameter tampering revealing error pages or stack traces exposes sensitive implementation details that attackers can use to refine their attacks. Stack traces may reveal framework versions, file paths, database schemas, or internal logic that helps attackers identify additional vulnerabilities. The lack of proper exception handling indicates inadequate input validation, suggesting that other more serious vulnerabilities like SQL injection, authentication bypass, or authorization flaws may exist in the same code paths that fail to properly validate and handle malformed input.

Remediation

Identify the cause of the error and fix it. Do not trust client-side input; enforce a strict check on the server side. In addition, catch exceptions properly and return a generic 500 error page for internal server errors, logging the details only on the server.
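An added illustration of this remediation, not code from the original entry: a Java handler built on the JDK's com.sun.net.httpserver that rejects tampered parameters with a 400 on the server side and maps any unhandled exception to a generic 500 while the stack trace is logged only server side. The endpoint, parameter and class names are assumptions.

```java
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.io.OutputStream;
import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.util.logging.Logger;

// Hypothetical handler for GET /item?id=<n>; endpoint, parameter and class
// names are assumptions, not taken from the page.
public class ItemHandler implements HttpHandler {
    private static final Logger LOG = Logger.getLogger(ItemHandler.class.getName());

    @Override
    public void handle(HttpExchange ex) throws IOException {
        try {
            // Server-side check on untrusted input: only 1..9 digits pass, so
            // "id=abc", "id=-1" or a missing id get a 400 before reaching parseLong.
            String id = param(ex.getRequestURI().getRawQuery(), "id");
            if (id == null || !id.matches("[1-9][0-9]{0,8}")) {
                respond(ex, 400, "Bad Request");
                return;
            }
            respond(ex, 200, "item " + Long.parseLong(id)); // stands in for the real lookup
        } catch (Exception e) {
            // Stack trace goes to the server log only; the client sees a generic 500 body.
            LOG.log(java.util.logging.Level.SEVERE, "unhandled error for " + ex.getRequestURI(), e);
            respond(ex, 500, "Internal Server Error");
        }
    }

    // Minimal query-string lookup; returns null when the name is absent.
    static String param(String query, String name) {
        if (query == null) return null;
        for (String pair : query.split("&")) {
            int eq = pair.indexOf('=');
            if (name.equals(eq < 0 ? pair : pair.substring(0, eq)))
                return eq < 0 ? "" : pair.substring(eq + 1);
        }
        return null;
    }

    static void respond(HttpExchange ex, int status, String body) throws IOException {
        byte[] bytes = body.getBytes(StandardCharsets.UTF_8);
        ex.sendResponseHeaders(status, bytes.length);
        try (OutputStream os = ex.getResponseBody()) { os.write(bytes); }
    }

    public static void main(String[] args) throws IOException {
        HttpServer s = HttpServer.create(new InetSocketAddress("127.0.0.1", 8080), 0);
        s.createContext("/item", new ItemHandler()); s.start();
    }
}
```

Requesting /item?id=abc returns 400 and /item?id=42 returns 200, while any exception thrown inside the try block produces the same generic 500 body regardless of its cause.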