Information Disclosure Bug
What is an Information disclosure Bug?
Information disclosure vulnerability is the leakage of sensitive information to its users. If this bug is present in any of the web applications it may leak sensitive data to an untrusted user.
Data such as username or financial information leaked to untrusted users.Then sensitive commercial and business-oriented data.
This bug recklessly leaked to normal users simply browsing on the web.
Some examples of information leakages :
- Disclosing the names of hidden directories or by directory listing.
- Column and table names are explicitly disclosed as error messages.
- Leakage of the credit card information.
- Database credentials, IP addresses, and API keys.
What is the impact of information disclosure bug:
Information disclosure bugs severe impact based on the severity of the information. For example, a particular organization holding customer records by mistake due to inappropriate misconfiguration data would leak into the wrong hands.