Description
This web application is configured with the serviceDebug property includeExceptionDetailInFaults set to true. When configured this way, the WCF service will disclose exception details to clients.
Remediation
It's recommended to disable showing exception details to clients by setting the serviceDebug property includeExceptionDetailInFaults set to false.
<serviceDebug includeExceptionDetailInFaults="false" />
References
Related Vulnerabilities
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Download (1.0.5)
WordPress Plugin wptf-image-gallery Arbitrary File Download (1.0.3)
WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)
Spring Boot Misconfiguration: Developer tools enabled on production