Information Disclosure Bug

Web security

What is an Information disclosure Bug?

Information disclosure vulnerability is the leakage of sensitive information to its users. If this bug is present in any of the web applications it may leak sensitive data to an untrusted user.

Photo by Aadesh Thapa on Unsplash

Data such as username or financial information leaked to untrusted users.Then sensitive commercial and business-oriented data.

This bug recklessly leaked to normal users simply browsing on the web.

Some examples of information leakages :

  1. Disclosing the names of hidden directories or by directory listing.
  2. Column and table names are explicitly disclosed as error messages.
  3. Leakage of the credit card information.
  4. Database credentials, IP addresses, and API keys.

What is the impact of information disclosure bug:

Information disclosure bugs severe impact based on the severity of the information. For example, a particular organization holding customer records by mistake due to inappropriate misconfiguration data would leak into the wrong hands.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mukilan Baskaran

Mukilan Baskaran

CTF player | Cyber Security Enthusiast