Hello all
What is the umbraco/localizedtext file that all Umbraco sites seem to have?
My IT security team keep sending me reports from AppCheck to say that the file is High Risk due to stack traces.
Not sure what to do.
David
What file do you mean? And what is high risk about it? Could you give some more information?
If you put /umbraco/localizedtext on the end of any umbraco site you get the text file.
umbraco.com/umbraco/localizedtext
Then AppCheck gives me this
Description:
The response appears to contain a JSON property named ‘stacktrace’.
Hmm, that’s weird. It seems to just contain translations, so I doubt it’s actually any risk. Why it’s publicly available is beyond me 
Because the login screen needs it in older versions of Umbraco.
Agreed this is a classic false positive
1 Like