Information disclosure or leakage happens when a website unintentionally exposes sensitive information to its visitors. Such information can be technical details about the website and the web server it is running on, personal customer details, and also commercial information.
The problem with information disclosure is that malicious hackers can use it to craft attacks. For example, if technical information about a website is exposed, attackers can use this information to learn about the defects of the system and then attack it. If customers’ data is leaked, attackers can use such information to target the customers with phishing and scam attacks, or if credit card details are exposed, attackers use such information to steal funds.