Description
The Clockwork was found in the web application. Usage of the Clockwork should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application
Remediation
Disable the Clockwork or restrict access to it
References
Related Vulnerabilities
Whoops error handler component detected
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450)
WordPress Plugin ShareYourCart Information Disclosure (1.6.1)
Unrestricted access to Prometheus Metrics
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5739)