Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Stack Trace Disclosure (Laravel)

Severity: Medium
Summary#

While analyzing an HTTP response, Invicti identified a stack trace that was exposed by the Laravel framework due to a misconfiguration.

Impact#

An attacker can obtain information such as:

  • Function names
  • Filenames
  • Physical file paths of relevant files.
  • Function parameters

This information might help an attacker gain more information and potentially focus on the development of further attacks against the target system.

Remediation#
Change your config/app.php file to disable debug mode, which is responsible for the visible stack traces: 
'debug' => (bool) env('APP_DEBUG', false)
Classifications#
, , , , , , , ,

Select Category

OR

Search Vulnerability

Tags

OWASP 2013-A5 OWASP 2017-A6 stack trace

Related Vulnerabilities

Invicti

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo