Skip to content

Information Disclosure: Console Error

Identifier: console_error

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Console errors can expose internal details about applications that could help attackers identify weaknesses or understand the technology stack being used, potentially increasing the risk of security breaches.

How we test: We analyze browser console output and frontend error handling to detect if detailed error messages are exposed in production environments. We check if errors reveal sensitive information about application structure, stack traces, or internal details that could aid attackers.

Configuration

Example

Example configuration:

---
security_tests:
  console_error:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.