Home / Vulnerability Database / C-sharp : Debug code

C-sharp : Debug code

Classification

OWASP ASVS

Configuration

PCI DSS 4.0

6.2.4

CWE

CWE-11 CWE-489

Overview

The application contains debugging code. It can contain undocumented entry points.

Implementation of undocumented “backdoors” for testing and correcting errors is a common practice in the application development. This code must be deleted from the final version of the application. If not, the application is vulnerable, since it permits actions not described by the documentation.

The most common example of debugging code in a web application is the Main() method.

References

CWE-489: Leftover Debug Code
CWE-11

LOW

C-sharp : Debug code

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C-sharp : Debug code in your application?

See also

C-sharp : JWT: None Algorithm

C-sharp : Insecure data transmission: Database

C-sharp : Only one of method Equals() and GetHashCode() defined