Medium (5.3)Moderate risk

Verbose Error / Stack Trace Disclosure

A05:2025Passive checkCVSS 5.3

What it is

Detailed error pages leak framework, file paths, versions, and code/query fragments that help attackers.

How attackers abuse it

Left unaddressed, this weakness gives an attacker a foothold they can combine with other issues to reach your data or your users.

Attacker playbook

1Identify where the weakness appears in the app.
2Probe it to confirm the behavior is exploitable.
3Chain it with other findings to increase impact.

How VibeSec detects and confirms it

VibeSec checks for this with a passive, read-only scan that is safe to run on any site. We use VibeSec native and base the finding only on what your site already exposes publicly.

VibeSec native

If this is in your report: how to fix it

Apply the standard fix for this issue class described in your VibeSec report.
Validate and constrain all untrusted input.
Re-scan after fixing to confirm it is resolved.

Check your site for this

Run a scan and see whether this affects you, in plain language with copy-paste fixes.

Scan your site for free

// related capabilities

Hidden Parameter Discovery GraphQL Introspection Enabled WAF Bypass / Evasion Testing Public Exploit Correlation (Exploit-DB)