Description

One or more stack traces were identified. The web application has generated an error message that includes sensitive information about its environment, users, or associated data.

The stack trace can disclose potentially sensitive information such as: physical file paths of relevant files, source code fragments, version information of various packages, database information, error messages, ...

Remediation

It's recommended to handle exceptions internally and do not display errors containing potentially sensitive information to a user.

Related Vulnerabilities

WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)

BackupBuddy Arbitrary File Download (8.7.4.1)

Profile Builder-User Profile & User Registration Forms Information Disclosure (3.9.0)

Cherry Services List Information Disclosure (1.4.1)

Atlassian Confluence Access Restriction Bypass

Severity

Medium

Classification

CWE-209 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N

Tags

Information Disclosure