Information Medium Vega has detected what may be absolute filesystem paths in scanned content. Disclosure of these paths reveals information about the filesystem layout. This information can be sensitive, its disclosure can increase the chances of success for other attacks. Absolute paths are often found in error output. Both the system administrators and developers should be made aware, as the problem may be due to an application error or server misconfiguration. Error output containing sensitive information such as absolute system paths should not be sent to remote clients on production servers. This output should be sent to another output stream, such as an error log. Vega has detected a possible absolute filesystem path (i.e. one that is not relative to the web root). This information is sensitive, as it may reveal things about the server environment to an attacker. Knowing filesystem layout can increase the chances of success for blind attacks. Full system paths are very often found in error output. This output should never be sent to clients on production systems. It should be redirected to another output channel (such as an error log) for analysis by developers and system administrators. Information Leakage (OWASP)