Protocol: Server Error

Identifier: server_error

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Server errors can reveal system configuration details and provide attackers with information to probe for vulnerabilities, potentially leading to service disruption or unauthorized data access.

How we test: We monitor responses for server error status codes such as 500 Internal Server Error. We analyze error responses to detect if they expose sensitive information about system configuration, file paths, or internal application structure that could aid attackers.
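The check described above can be sketched as follows. This is an added example, not the scanner's own implementation; the pattern set, the severity labels and the sample responses are constructed assumptions.

```python
import re

# Constructed leak patterns (assumptions, not the scanner's actual rules).
LEAK_PATTERNS = {
    "stack_trace": re.compile(
        r"Traceback \(most recent call last\)|^\s+at [\w.$<>]+\([\w.]+:\d+\)", re.M),
    "file_path": re.compile(
        r"/(?:var|usr|home|opt|srv|etc)/[\w./-]+|[A-Za-z]:\\[\w\\.-]+"),
    "sql_error": re.compile(r"SQLSTATE\[\w+\]|ORA-\d{5}|syntax error at or near", re.I),
}

def inspect_response(status, headers, body):
    """Return a finding for a 5xx response, or None for any other status."""
    if not 500 <= status <= 599:
        return None
    leaks = sorted(name for name, rx in LEAK_PATTERNS.items() if rx.search(body))
    # Version-bearing Server / X-Powered-By headers also disclose the stack.
    for name, value in headers.items():
        if name.lower() in ("server", "x-powered-by") and re.search(r"\d+\.\d+", value):
            leaks.append("header:" + name.lower())
    # A bare 5xx is still reported; disclosed internals raise the severity.
    return {"status": status, "leaks": leaks, "severity": "high" if leaks else "low"}

# Constructed sample responses: (status, headers, body).
SAMPLES = [
    (200, {"Server": "nginx"}, '{"ok": true}'),
    (500, {"Content-Type": "application/json"}, '{"error": "Internal Server Error"}'),
    (500, {"Server": "gunicorn/20.1.0"},
     'Traceback (most recent call last):\n'
     '  File "/srv/app/views.py", line 42, in get_user\n'
     "KeyError: 'id'"),
]

def scan(samples):
    """Inspect every sample and keep only the responses that produced a finding."""
    return [f for f in (inspect_response(*s) for s in samples) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```

The second sample shows the remediation target: a generic error body with no internals still returns 500, but gives a reader nothing about paths, frameworks or queries.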

Configuration

Example

Example configuration:

---
security_tests:
  server_error:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.