Security Misconfiguration - Debug Mode Enabled

Vulnerability Details

The application is running with debug mode enabled in production, exposing sensitive information and potentially dangerous functionality.

Debug information could reveal application internals, file paths, database queries, and configuration details that aid further attacks.

Disable debug mode in production environments. Implement proper error handling that does not expose internal details. Review and harden all configuration settings before deployment.

• https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/README