Sensitive Unreferenced Resource Found

Impact: Low


Sensitive Unreferenced Resource Found refers to the discovery of sensitive resources within a web application that are not directly linked or referenced within the application itself. These resources, although not part of the main navigation or visible to users, may still be accessible to attackers, providing them with insights into potential attack vectors.


To mitigate the risk of information disclosure, promptly remove or restrict access to sensitive unreferenced resources. Relying solely on resource obscurity for security is inadequate; instead, ensure that sensitive resources are adequately protected through access controls and other security measures.


Last updated on May 13, 2024

This issue is available in SmartScanner Professional

See Pricing