This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Content spoofing in error pages

Given the path below the Sophos Web Application Firewall is returning a not found error but it displays the requested resource on the page which opens up the ability to spoof the content with a malicious message. You can see the message in the URL and screenshot below. Is there any way to change the message on the page to remove the URL that is printed to the page?

sitename.com//hack-me.com was not found. Please go to www.hackme.com or contact the admin at hack@me.com. The requested URL

 



This thread was automatically locked due to age.