Debug Mode Information disclosure to unauthenticated users. #89
Labels
invalid
This doesn't seem right
LCB-TechDebt
Issue exists in Legacy Code Base. We inherited it.
Prod
Observed in Production Environment.
Security
Issue impacts or is related to App Security.
UI
User Interface Issues.
Projects
Milestone
includes/base_log_error.inc.php
PrintPageHeader()
$debug_mode
must be set to > 0 for this to show up. Display of this info is fine if user is authenticated or Auth system is off.Expected Behavior:
Uses
AuthorizedPage()
to do checks before information display.Current Behavior:
Doesn't do page checks before printing information.
The text was updated successfully, but these errors were encountered: