I have 2 vulnerabilities that I don't know how to address, seeking some help. I have done a basic install with very little changes from the installer.
phpinfo Information Disclosure Vulnerability:
This host has a publicly-accessible PHP file that calls the phpinfo() function (or some other function similar to it).
If a user requests this file (such as via an Internet browser), the user may obtain a page containing sensitive information about the Web server host. The information displayed to the user could include the exact version numbers of various software products (Operating Systems, Web Servers, PHP, XML, MySQL), the values of some environment variables ($PATH, $SYSTEM_ROOT), paths to various programs (cmd.exe), and much more.
jQuery Cross-Site Scripting (XSS) Vulnerability - the offending file i cant find nor is it listed, partial contents are:
<!-- Use title if it's in the page YAML frontmatter -->
<title>Welcome to XAMPP</title>
<meta name="description" content="XAMPP is an easy to install Apache distribution containing MariaDB, PHP and Perl." />
<meta name="keywords" content="xampp, apache, php, perl, mariadb, open source distribution" />