Vulnerabilities/

Arbitrary Source Code Disclosure

Impact: High

Description

Source code on a web server often contains sensitive information and should not be accessible to users.

Recommendation

Avoid passing user-submitted input to filesystem APIs. If it’s not possible, another solution is to use a white list of acceptable inputs.

References

Last updated on February 15, 2021

This issue is available in SmartScanner Professional

See Pricing