Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

SS-2015-025: Request class name exposure on error

Severity:
Low (?)
Identifier:
SS-2015-025
Versions Affected:
3.1.15 and below, 3.2.0
Versions Fixed:
3.1.16, 3.2.1
Release Date:
2015-11-16

RequestHandler would include the class name in the unstyled 403 & 404 responses. This is a slight information leak that could be used by an attacker.

This issue has been resolved by suppressing these errors on live.

Common Vulnerability Scoring System (CVSS) Information