1. Support Center
  2. Issue Definitions
  3. Database connection string disclosed

Database connection string disclosed

Description: Database connection string disclosed

A database connection string specifies information about a data source and the means of connecting to it. In web applications, connection strings are generally used by the application tier to connect to the back database used for storing application data. They are usually read from server-side configuration files or hard-coded into application source code.

Remediation: Database connection string disclosed

It is almost never necessary for applications to disclose database connection strings to clients. The reason for the disclosure should be reviewed and addressed.


Vulnerability classifications

Typical severity


Type index (hex)


Type index (decimal)


Burp Scanner

This issue - and many more like it - can be found using our web vulnerability scanner

Read more

Get Burp

Scan your web application from just $449.00

Find out more