Description
In the development mode Grails provides a database console (available at /dbconsole/). This database console should not be available in the production environment as it leaks sensitive information about the database structure and permits executing SQL queries.
Remediation
It's recommended to restrict access to the database console by running Grails in production mode.
References
Related Vulnerabilities
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Vulnerabilities (4.1.2)
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.5)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.16)
Spring Boot Misconfiguration: Admin MBean enabled
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743)