Whoops Error Handler Framework Detected
Summary#
Invicti detected that the Whoops is enabled and configured to show verbose error messages.
This vulnerability can cause highly sensitive data leaks.
Impact#
The Whoops Error Handler Framework shows verbose error messages in a convenient format. These error messages may contain:
- Stack Traces
- Internal Source Code
- Environment Variables
- Physical path of the requested file
Some of this data can be highly sensitive and should not be displayed outside of a debugging context.
Classifications#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Related Vulnerabilities
