Misconfiguration in a bottle: Symfony Profiler exposed
Char49 recently discovered a security misconfiguration on a subdomain of an American multinational corporation (Top50 on the Fortune500) website: an exposed Symfony web framework debug endpoint leaking sensitive information.
In a nutshell, exposing Symfony Profile or any other web framework debug...