Summary
While analyzing an HTTP response, Acunetix 360 identified a stack trace that was exposed by the Laravel framework due to a misconfiguration.
Impact
An attacker can obtain information such as:
- Function names
- Filenames
- Physical file paths of relevant files.
- Function parameters
This information might help an attacker gain more information and potentially focus on the development of further attacks against the target system.
Remediation
Change your
config/app.php
file to disable debug mode, which is responsible for the visible stack traces:
'debug' => (bool) env('APP_DEBUG', false)