Do you know what information is being leaked by the Referer header when your users click on external links?
If you site is public, you might be safe - but what if you have internal apps, or sensitive information in your URLs?
https://securinglaravel.com/security-tip-is-your-referrer-leaking-information/