Description

The web application uses Whoops component to show information about errors. Such errors may disclosure of sensitive information about the web application.

Remediation

Don't show details of errors to users

References

whoops

Related Vulnerabilities

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529)

Atlassian Jira Manage Filters information disclosure

Joomla! Core 4.2.0 Information Disclosure (4.2.0)

Apache Tomcat version older than 7.0.21

Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.8.7)

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure