SS-2015-025: Request class name exposure on error
- Severity:
- Low (?)
- Identifier:
- SS-2015-025
- Versions Affected:
- 3.1.15 and below, 3.2.0
- Versions Fixed:
- 3.1.16, 3.2.1
- Release Date:
- 2015-11-16
RequestHandler would include the class name in the unstyled 403 & 404 responses. This is a slight information leak that could be used by an attacker.
This issue has been resolved by suppressing these errors on live.
