Node.js source code disclosure

Description

Kayran has detected a Node.js web application whose source code may be exposed to others.

This usually results from a server misconfiguration that makes the application's source code reachable.
Access to the source code helps an attacker carry out advanced attacks against the infrastructure of the assets.

Recommendation

Make sure that access to these files and the Node.js source code is restricted, and that they can only be reached by authorized personnel.
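
One way to enforce this restriction in a Node.js static-file handler is shown below. It is an added example, not Kayran's code or part of the original advisory. It assumes client-facing files live in a dedicated `public` directory; `PUBLIC_ROOT`, `ALLOWED_EXT`, `DENIED_SEGMENTS` and `resolveServable` are hypothetical names.

```javascript
// Added example: PUBLIC_ROOT, ALLOWED_EXT, DENIED_SEGMENTS and resolveServable
// are hypothetical names, not part of any framework.

// Assumption: only this directory holds files meant for clients; server code
// (app.js, routes/, package.json, .env) lives outside it.
const PUBLIC_ROOT = "public";

// Extensions the static handler may return. Anything else is refused.
const ALLOWED_EXT = new Set([".html", ".css", ".js", ".png", ".svg", ".ico"]);

// Names that must never be served, even if copied under PUBLIC_ROOT by mistake.
const DENIED_SEGMENTS = new Set(["node_modules", "package.json", "package-lock.json"]);

// Map a request URL path to a file path under PUBLIC_ROOT, or null to refuse.
function resolveServable(urlPath) {
  let decoded;
  try {
    // Decode once so encoded dots and separators are checked in clear form.
    decoded = decodeURIComponent(urlPath.split("?")[0]);
  } catch (e) {
    return null; // malformed percent-encoding
  }
  if (decoded.includes("\0") || decoded.includes("\\")) return null;

  const segments = decoded.split("/").filter((s) => s.length > 0);
  if (segments.length === 0) segments.push("index.html");

  for (const seg of segments) {
    // Rejects "..", "." and dotfiles such as .env or .git.
    if (seg.startsWith(".")) return null;
    if (DENIED_SEGMENTS.has(seg.toLowerCase())) return null;
  }

  const last = segments[segments.length - 1];
  const dot = last.lastIndexOf(".");
  const ext = dot === -1 ? "" : last.slice(dot).toLowerCase();
  if (!ALLOWED_EXT.has(ext)) return null;

  return PUBLIC_ROOT + "/" + segments.join("/");
}

// Constructed sample requests, for illustration only.
for (const p of ["/", "/js/app.js", "/../server.js", "/.env", "/package.json"]) {
  console.log(p, "->", resolveServable(p));
}
```

A handler would respond with 404 whenever `resolveServable` returns null, so requests for server-side files are indistinguishable from requests for files that do not exist.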

References

https://cwe.mitre.org/data/definitions/200.html

https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html
