Vulnerabilities / Hidden file found

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
↓

Severity

Low

CWE Name

Hidden file found

CWE ID

CWE-538

CVSS Score

5.3

Compliance

OWASP TOP10 -> A1, A5
ISO27001 -> A.8.4, A.8.9, A.8.15, A.8.26

Hidden file found

We found a file in your application with potentially sensitive content. If attackers find it, they can use it to exploit or facilitate the exploitation of your application.

How to fix

generic

If you don’t need this file to run your application, remove it from the server. If you need it, move it to somewhere not accessible to users or set proper access permissions.