Description

The Joomla Debug Console is enabled in the web application. Usage of the Joomla Debug Console should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the Joomla Debug Console or restrict access to it

References

How to debug your code

Related Vulnerabilities

Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)

Possible sensitive directories

WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)

WordPress Plugin Aspose DOC Exporter Arbitrary File Download (1.0)

WordPress Plugin Video Embed & Thumbnail Generator Information Disclosure (1.1)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration