Improper handling of errors can introduce a variety of security problems for a application. The most common problem is when detailed internal error messages such as stack traces, database dumps, and error codes are displayed to the user (hacker). These messages reveal implementation details that should never be revealed. Such details can provide hackers important clues on potential flaws in the site and such messages are also disturbing to normal users.

It is recommended to handle exceptions internally and do not display errors containing potentially sensitive information to a user and also configure server to create default error pages or messages that do not leak any information.