CWE-497 – Exposure of Sensitive System Information to an Unauthorized Control Sphere
Description The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access...