Verbose PHP error messages exposed on a blog article

Disclosed: 2019-04-10 21:33:50 By corb3nik To security

None

Vulnerability Details

Hey guys! For what its worth, warning messages aren't suppressed on the /blog/ endpoint, giving verbose PHP error messages when visiting a blog article such as https://www.hackerone.com/blog/H1-702-2018-makes-history-over-500K-bounties-paid. {F374066} ## Impact Not much impact, just disclosures of paths and technologies used (Drupal, Symphony)

Actions

View on HackerOne

Report Stats

Report ID: 439174
State: Closed
Substate: resolved
Upvotes: 11

Verbose PHP error messages exposed on a blog article

Vulnerability Details

Actions

Report Stats

Share this report