During the assessment, I have found the debug URL on xyz.com which is disclosing the error logs..
sorry i can’t disclose website name …
lets start…
when i start to recon and try to find bugs on this program .
i tried many things like xss,idor,nd etc….(nothing spot)
when i try to find xss .. then most of the time i got error (xyz.com/errors)
after one day i tried some diff payloads and many thing but nothing works.
anything i tried (random xss payload) it was always redirect one page(xyz.com/errors)
then ..
Support the originator by clicking the read the rest link below.
 and ws-ftp log){kind=link}