Possible Security Issue (Information Disclosure) with Drupal on blog.torproject.org
When loading https://blog.torproject.org/blog/tor-0312-alpha-out-notes-about-0311-alpha, a Drupal warning appeared at the top of the page that looked something like:
Warning: Drupal mkdir() failed directory already exists, etc. etc.
Encountered around 06:00-06:10 UTC. I apologize for the vague wording, but I was an idiot and forgot to take a screenshot. The error appeared after the tab was reloaded from a previous Firefox session, and disappeared after I refreshed the page. The warning message contained directory/path names that appeared at least slightly sensitive. I don't think that displaying server-side error messages to a client is intended behavior, either...
Apologies if this is the wrong channel for reporting this. I looked for an email address for security issues, but the Contact page says to "email the respective maintainer" (???). I'm not familiar with who maintains the blog, and it doesn't seem very high-risk or reproducible, so I'll leave a comment on the blog directing someone here.