Description

The web application uses Whoops component to show information about errors. Such errors may disclosure of sensitive information about the web application.

Remediation

Don't show details of errors to users

References

whoops

Related Vulnerabilities

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.28)

WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure (1.0.8)

ASP.NET CustomErrors Is Disabled

PHP Safedir restriction bypass vulnerabilities

WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure