In this defending C# lab the learner will fix a vulnerability that discloses sensitive information in error messages. The lab features an authentication page that discloses whether a specific username is valid or not when invalid authentication credentials are provided, thus allowing valid username enumeration.
Learning Objectives
On successful completion of this lab, learners will demonstrate their ability to:
- Prevent disclosing sensitive information in error messages within C# applications