| Details | |
|---|---|
| Alert ID | 200009-4 |
| Alert Type | Tool |
| Status | alpha |
| Risk | Low |
| CWE | 200 |
| WASC | |
| Technologies Targeted | All |
| Tags |
CWE-200 OWASP_2021_A05 OWASP_2025_A02 TOOL_PTK |
Summary
Detects source map references and common debug artifacts in observed HTML/JS responses. These are high-value recon leads for code disclosure and hidden endpoints.
Generated by OWASP PTK DAST Module
Solution
• Do not publish source maps to production unless required; restrict access or strip sourceMappingURL references. • Disable development tooling and verbose debug banners in production builds.Other Info
References
- https://owasp.org/Top10/2025/A02_2025-Security_Misconfiguration/
- https://cwe.mitre.org/data/definitions/200.html