Node.js source code disclosure

Description

Kayran has detected a Node.js web application that it’s source code may be exposed to others.

Usually due to server misconfiguration, the source code of this application can be reached.
That will assist an attacker to carry out advanced attacks against the infrastructure of the assets.

Recommendation

Make sure that access to these file/s and the Node.js source code are restricted, and can only be reached by authorized personal.

References

https://cwe.mitre.org/data/definitions/200.html

https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html

< Return to all Vulnerabilities

Blue Team

We’ve talked about The Red Team before, but what about The Blue Team? How is this group different from the red one? Why would we

Read More »

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 9000 vulnerabilities.Kayran’s mission is to make

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »