newsbot
03-11-2009, 08:02 AM
The stack trace displayed on the default error page is displayed verbatim without running it through a sanitizer. This can be exploited by an attacker to execute arbitrary JavaScript code in the context of the browser of a legitimate logged-in user.
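The flaw described in the post above, shown as an added example that is not part of the original post and is not code from the affected product: an error page that writes the stack trace verbatim, next to a version that HTML-escapes it and hides it unless explicitly enabled. All function names, the handler and the sample input are constructed for illustration.

```python
import html
import traceback

GENERIC_PAGE = ("<html><body><h1>Server Error</h1>"
                "<p>An internal error occurred.</p></body></html>")


def _format_trace(exc: BaseException) -> str:
    """Return the full stack trace text for an exception."""
    return "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))


def render_error_page_unsafe(exc: BaseException) -> str:
    """'Before' form: the trace is interpolated into the HTML verbatim,
    so any markup inside the exception message reaches the browser as markup."""
    return ("<html><body><h1>Server Error</h1>"
            f"<pre>{_format_trace(exc)}</pre></body></html>")


def render_error_page_safe(exc: BaseException, show_trace: bool = False) -> str:
    """Hardened form: no trace unless explicitly enabled (e.g. in development),
    and the trace is HTML-escaped so it can only ever render as text."""
    if not show_trace:
        return GENERIC_PAGE
    escaped = html.escape(_format_trace(exc), quote=True)
    return ("<html><body><h1>Server Error</h1>"
            f"<pre>{escaped}</pre></body></html>")


def lookup_item(item_id: str) -> None:
    """Hypothetical request handler: the request-supplied value ends up
    in the exception message, and therefore in the stack trace."""
    raise ValueError(f"no such item: {item_id}")


def capture_error(item_id: str) -> BaseException:
    """Run the handler and return the exception it raises."""
    try:
        lookup_item(item_id)
    except ValueError as exc:
        return exc
    raise AssertionError("handler did not fail")


# Constructed sample input standing in for a request parameter.
CONSTRUCTED_INPUT = "<script>alert(1)</script>"
```

Running both renderers on `capture_error(CONSTRUCTED_INPUT)` shows the difference: the unsafe page contains the tag as live markup, while the safe page contains only `&lt;script&gt;` text or, by default, no trace at all.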