Description
This Django web application is running with debug mode turned on (DEBUG = True ). One of the main features of debug mode is the display of detailed error pages. If your app raises an exception when DEBUG is True, Django will display a detailed traceback, including a lot of metadata about your environment, such as all the currently defined Django settings (from settings.py).
Remediation
Never deploy a site into production with DEBUG turned on. To disable debug mode, set DEBUG = False in your Django settings file.
References
Related Vulnerabilities
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.8.7)
SAP ICF /sap/public/info sensitive information disclosure
WordPress Plugin Filedownload 'download.php' Local File Disclosure (0.1)
WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-4042)