Summary
Acunetix 360 detected that the Whoops is enabled and configured to show verbose error messages.
This vulnerability can cause highly sensitive data leaks.
Impact
The Whoops Error Handler Framework shows verbose error messages in a convenient format. These error messages may contain:
- Stack Traces
- Internal Source Code
- Environment Variables
- Physical path of the requested file
Some of this data can be highly sensitive and should not be displayed outside of a debugging context.