Chrome Logger information disclosure

Description

Chrome Logger is a Google Chrome extension for debugging server side applications in the Chrome console. When enabled, the server side component will return headers named X-ChromePhp-Data or X-ChromeLogger-Data. The value of these headers contains possible sensitive information and should not be present in production systems.

Remediation

Disable debugging helpers in production systems.

References
Severity
Classification
Tags
  • Configuration  Information Disclosure