Description

The web application is run in development mode. It should be avoided in the production environment and strictly configured in a development environment because it exposes sensitive information about the web application

Remediation

Disable the development mode

References

Use multiple environments in ASP.NET Core

Related Vulnerabilities

WordPress Plugin WP Custom Pages 'url' Parameter Local File Disclosure (0.5.0.1)

WordPress Plugin Simple Ads Manager Multiple Vulnerabilities (2.6.96)

WordPress 1.5.1.2 Multiple Vulnerabilities (1.0 - 1.5.1.2)

ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7368)

WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure Configuration