Description

The Joomla Debug Console is enabled in the web application. Usage of the Joomla Debug Console should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the Joomla Debug Console or restrict access to it

References

How to debug your code

Related Vulnerabilities

Multiple vulnerabilities in Ioncube loader-wizard.php

Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.6)

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10003)

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.14)

WordPress Plugin JM Twitter Cards Information Disclosure (6.1)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration