Description

The Joomla Debug Console is enabled in the web application. Usage of the Joomla Debug Console should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the Joomla Debug Console or restrict access to it

References

How to debug your code

Related Vulnerabilities

PHPinfo pages

WordPress Plugin WP Import Export Information Disclosure (3.9.15)

MySQL username disclosure

WordPress Plugin Slideshow Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (2.1.12)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration