Description

The Joomla Debug Console is enabled in the web application. Usage of the Joomla Debug Console should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the Joomla Debug Console or restrict access to it

References

How to debug your code

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Information Disclosure (1.2.5)

silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5187)

PHPinfo pages

Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613)

Unrestricted access to Kong Gateway API

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration