Description

The web application is based on Typo3 CMS. Typo3 Debug mode is enabled. Debug mode should be turned off in production environment, as it may lead to disclosure of sensitive information about the web application.

Remediation

Disable the debug mode

References

TYPO3: Debugging

TYPO3: Enable Debug Mode

Related Vulnerabilities

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487)

WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure (1.0.11)

WordPress Plugin WP-Live Chat by 3CX Information Disclosure (8.0.28)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9853)

Oracle JavaServer Faces multiple vulnerabilities

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure