Template:OWASP Secure Configuration Guide

This article is part of the OWASP Secure Configuration Guide.

Back to the OWASP Secure Configuration Guide ToC: https://www.owasp.org/index.php/Secure_Configuration_Guide Back to the OWASP Secure Configuration Guide Project: https://www.owasp.org/index.php/OWASP_Secure_Configuration_Guide

Secure Configuration Guide page structure is presented below. Please use the template to make the Guide more clean and unified.

Summary
A detailed description of the product (can be taken from the official website)

Description
%ProductName% allows unauthorized attacker to list all users of the system ...

// Detailed description of the impact.

How to test
In order to test for %Misconfiguration_1%, one should ...

// Please include the screenshots and widely known tools/scanners!

Remediation
Initial/common value of parameter "listUsers" from config.xml is set to "true".

To assess the vulnerability it is enough to change the value to false:

false

Misconfiguration 2
...