3 matches found
CVE-2023-46240 CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround,...
CVE-2023-46240 CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround,...
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
Impact If an error or exception occurs in CodeIgniter4 v4.4.2 and earlier, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Patches Upgrade to v4.4.3 or later. See upgrading guide. Workarounds Replace...