Description

One or more pages were found to contain an ColdFusion error message that discloses the installation path and other potentially sensitive data.

Remediation

Review the source code for the affected pages.

References

OWASP - Information Disclosure

Adobe ColdFusion - Lockdown Guide

Related Vulnerabilities

Typo3 Admin publicly accessible

WordPress Plugin Easy Contact Forms Export 'file' Parameter Information Disclosure (1.1.0)

Web application default/weak credentials

FrontPage Identified

WordPress debug mode

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure