Node.js source code disclosure

Home » Blog » Node.js source code disclosure

Description

Kayran has detected a Node.js web application that it’s source code may be exposed to others.

Usually due to server misconfiguration, the source code of this application can be reached.
That will assist an attacker to carry out advanced attacks against the infrastructure of the assets.

Recommendation

Make sure that access to these file/s and the Node.js source code are restricted, and can only be reached by authorized personal.

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/540.html

https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html

< Return to all Vulnerabilities

Tracing your Requests

Like mentioned here, There are several HTTP request methods, each with its own purpose and uses, In this article we’ll talk about the TRACE Method.

Enterprise Mobility – BYOD vs. CYOD

We know that “demarcation” of our Enterprise Mobility is very important in the field of Information Security especially when we talk about the devices being

Everything Ransomware

If you wish to know Everything Ransomware related, you’ve come to the right place! What is Ransomware? What can we do with it? Why it’s

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Botnet – The Swarm

There is nothing scarier than The Swarm of wasps flying towards you? What about a Swarm of Bots? Let’s talk about Botnet. In short? Botnet

Models – CIA and AAA

The field of information security is based on a number of basic principles that are important for us. Each principle is part of two main

WEB APPLICATION VULNERABILITY SCANNER