Description

The web application is based on Typo3 CMS. Typo3 Debug mode is enabled. Debug mode should be turned off in production environment, as it may lead to disclosure of sensitive information about the web application.

Remediation

Disable the debug mode

References

TYPO3: Debugging

TYPO3: Enable Debug Mode

Related Vulnerabilities

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.21)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664)

WordPress Plugin Simple Gmail Login Stack Trace Information Disclosure (1.1.3)

WordPress Plugin Video Embed & Thumbnail Generator Information Disclosure (1.1)

Credit card number disclosed

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure