Description

The Joomla Debug Console is enabled in the web application. Usage of the Joomla Debug Console should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the Joomla Debug Console or restrict access to it

References

How to debug your code

Related Vulnerabilities

Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)

WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.9.5.1)

WordPress Plugin Helpful Information Disclosure (4.5.25)

Lucee Stacktrace Information Disclosure

WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration