Stack Trace Disclosure (Laravel)
Summary#
While analyzing an HTTP response, Invicti identified a stack trace that was exposed by the Laravel framework due to a misconfiguration.
Impact#
An attacker can obtain information such as:
- Function names
- Filenames
- Physical file paths of relevant files.
- Function parameters
This information might help an attacker gain more information and potentially focus on the development of further attacks against the target system.
Remediation#
Change your
config/app.php file to disable debug mode, which is responsible for the visible stack traces:
'debug' => (bool) env('APP_DEBUG', false)
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities
