Source Code Disclosure - SVN

Type: Active Scan

Risk: Medium

Description

The source code for the current page was disclosed by the web server

Solution

Ensure that SVN metadata files are not deployed to the web server or application server

References

• http://projects.webappsec.org/Predictable-Resource-Location
• http://cwe.mitre.org/data/definitions/425.html

CWE: 541

WASC: 34

Code

• org/zaproxy/zap/extension/ascanrulesBeta/SourceCodeDisclosureSvnScanRule.java

Last updated: 2020-07-20 08:53:37.296Z