Vulnerabilities / Hidden file found

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity
Low
CWE Name
Hidden file found
CWE ID
CWE-538
CVSS Score
5.3
Compliance
OWASP TOP10 -> A1, A5
ISO27001 -> A.8.4, A.8.9, A.8.15, A.8.26
Hidden file found

We found a file in your application with potentially sensitive content. If attackers find it, they can use it to exploit or facilitate the exploitation of your application.

How to fix

  • If you don’t need this file to run your application, remove it from the server. If you need it, move it to somewhere not accessible to users or set proper access permissions.