Node.js source code disclosure

Description

Kayran has detected a Node.js web application that it’s source code may be exposed to others.

Usually due to server misconfiguration, the source code of this application can be reached.
That will assist an attacker to carry out advanced attacks against the infrastructure of the assets.

Recommendation

Make sure that access to these file/s and the Node.js source code are restricted, and can only be reached by authorized personal.

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/540.html

https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html

< Return to all Vulnerabilities

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »