H3-2022-0040¶

Symfony Debug Mode Enabled

Description¶

Symfony with Debug mode enabled in a production environment exposes sensitive information about the web application.

Impact¶

Sensitive environment information may be leaked to attackers allowing for further exploitation.

References¶

• Symfony DOCS
• CWE-215: Insertion of Sensitive Information Into Debugging Code