Directory Listing

Description

Directory listing could allow an attacker to see and travel through folders and files of the system that could hold sensitive information, attackers can use this information to leverage further attacks.

Bussines Impact

Directory listing lets an attacker see files located in the directory and could potentially access files that could disclose sensitive information.

Recommendation

Make sure to block access to this directory and hide the record of the files inside of it.

Reference

https://cwe.mitre.org/data/definitions/548.html