Service exposes publicly debugging endpoints

Description

Frameworks sometimes expose debugging features that are helpful during development. However, those features could be abused by attackers and should be disabled before the service is deployed to production. The service responded with 200 status codes to requests to known debugging endpoints.

Rationale

Debugging endpoints in production can lead to security breaches by exposing sensitive data and application internals.

Remediation

  • Disable debugging in production
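
The check in the Description can also be run against a service's own access logs to confirm the finding and to verify the fix afterwards. The following is an added example, not code from this page or from the tool that produced the finding. The path prefixes are an assumed, illustrative set of well-known framework debugging routes (the page does not list the endpoints it checks), and the log lines are constructed:

```python
import re
from collections import defaultdict

# Assumed, illustrative prefixes of well-known framework debugging routes;
# the page does not say which endpoints its check requests.
DEBUG_PREFIXES = {
    "/actuator/env": "Spring Boot Actuator",
    "/actuator/heapdump": "Spring Boot Actuator",
    "/debug/pprof": "Go net/http/pprof",
    "/debug/vars": "Go expvar",
    "/_profiler": "Symfony profiler",
    "/__debug__": "Django Debug Toolbar",
}

# Common log format: client ident user [time] "METHOD target PROTO" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_exposed_debug_endpoints(lines):
    """Return {path: sorted clients} for debugging paths answered with 200."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, _method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore the query string
        # Match on a path-segment boundary so /debug/varsity is not flagged.
        is_debug = any(path == p or path.startswith(p + "/") for p in DEBUG_PREFIXES)
        if is_debug and status == "200":
            hits[path].add(client)
    return {path: sorted(clients) for path, clients in hits.items()}

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /actuator/env HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /actuator/heapdump HTTP/1.1" 404 153',
    '198.51.100.23 - - [10/Mar/2024:10:01:10 +0000] "GET /debug/pprof/heap?debug=1 HTTP/1.1" 200 20480',
    '198.51.100.23 - - [10/Mar/2024:10:01:12 +0000] "GET /debug/varsity HTTP/1.1" 200 812',
    '192.0.2.10 - - [10/Mar/2024:10:02:30 +0000] "GET /actuator/env HTTP/1.1" 200 5120',
    '192.0.2.10 - - [10/Mar/2024:10:02:31 +0000] "GET /index.html HTTP/1.1" 200 1043',
]

if __name__ == "__main__":
    for path, clients in sorted(find_exposed_debug_endpoints(SAMPLE_LOG).items()):
        print(f"{path} answered 200 to {', '.join(clients)}")
```

Once debugging is disabled in production, the same run over fresh logs should return an empty result for these paths.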