CWE-537
Java Runtime Error Message Containing Sensitive Information
Description
In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.
Consequences
Confidentiality
—
Read Application Data
Mitigations
Phase: Implementation
Do not expose sensitive error information to the user.