Full Path Disclosure of Server through 500 Server Error
Low
Vulnerability Details
Hello team,
EXPLANATION
============
I found an interesting vulnerability in your site: it unexpectedly discloses the server path where the PHP files are hosted. When the application sends account verification links by email, if anyone tries to verify his account with that link twice, the whole server path is disclosed in the title of the website through a 500 Server Error.
Vulnerable Path:
---------------
`/usr/share/ngnix/website/resources/view/auth/create_password.blade.php`
I have added a PoC.
## Impact
1. Server Information Disclosure
Report Stats
- Report ID: 1082521
- State: Closed
- Substate: resolved
- Upvotes: 1
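
A regression check for this class of leak, as an added example that is not part of the original report: it scans an error response's title and body for absolute server-side file paths. The function name, the list of filesystem roots and the sample responses are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Absolute paths under common Unix roots that end in a server-side source
# extension. The root list is an assumption; extend it for your hosts.
PATH_RE = re.compile(
    r"(?<![\w/.:])/(?:usr|var|home|srv|opt|etc|app|www)"
    r"(?:/[\w.\-]+)+\.(?:php|py|rb|jsp)\b"
)

class _TitleParser(HTMLParser):
    """Collects the text inside <title>, where this report saw the leak."""
    def __init__(self):
        super().__init__()
        self.in_title = False
        self.title = ""
    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self.in_title = True
    def handle_endtag(self, tag):
        if tag == "title":
            self.in_title = False
    def handle_data(self, data):
        if self.in_title:
            self.title += data

def find_path_leaks(status, body):
    """Return [(location, path)] for file paths exposed by an error response."""
    if status < 400:            # only error responses are checked here
        return []
    parser = _TitleParser()
    parser.feed(body)
    leaks, seen = [], set()
    # Title first, so a path shown there is reported as a title leak.
    for location, text in (("title", parser.title), ("body", body)):
        for match in PATH_RE.finditer(text):
            if match.group(0) not in seen:
                seen.add(match.group(0))
                leaks.append((location, match.group(0)))
    return leaks

# Constructed responses: a second use of a verification link before the fix
# (path taken from the report) and a generic error page after it.
LEAKY = ("<html><head><title>500 Server Error: /usr/share/ngnix/website/"
         "resources/view/auth/create_password.blade.php</title></head>"
         "<body><h1>500 Server Error</h1></body></html>")
GENERIC = ("<html><head><title>500 Server Error</title></head><body>"
           "<a href=\"/support/contact.php\">Contact support</a></body></html>")
```
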