.env Information Leak

Type: Active Scan

Risk: Medium

Description

One or more .env files seems to have been located on the server. These files often expose infrastructure or administrative account credentials, API or APP keys, or other sensitive configuration information.

Solution

Ensure the .env file is not accessible.

References

CWE: 215

WASC: 13

Code

Last updated: 2020-04-30 16:12:39.623Z