Node.js source code disclosure

Description

Kayran has detected a Node.js web application that it’s source code may be exposed to others.

Usually due to server misconfiguration, the source code of this application can be reached.
That will assist an attacker to carry out advanced attacks against the infrastructure of the assets.

Recommendation

Make sure that access to these file/s and the Node.js source code are restricted, and can only be reached by authorized personal.

References

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/540.html

https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html

< Return to all Vulnerabilities

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »