Stack Trace Disclosure (Laravel)

While analyzing an HTTP response, Invicti identified a stack trace that was exposed by the Laravel framework due to a misconfiguration.

An attacker can obtain information such as:

• Function names
• Filenames
• Physical file paths of relevant files.
• Function parameters

This information might help an attacker gain more information and potentially focus on the development of further attacks against the target system.

Change your config/app.php file to disable debug mode, which is responsible for the visible stack traces:

'debug' => (bool) env('APP_DEBUG', false)