Description

This directory contains an .htaccess file that is readable. This may indicate a server misconfiguration. htaccess files are designed to be parsed by web server and should not be directly accessible. These files could contain sensitive information that could help an attacker to conduct further attacks. It's recommended to restrict access to this file.

Remediation

Restrict access to the .htaccess file by adjusting the web server configuration.

Related Vulnerabilities

Apache Geronimo default administrative credentials

WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)

Session cookies scoped to parent domain

WordPress Plugin CodeArt-Google MP3 Player Arbitrary File Disclosure (1.0.11)

WordPress Plugin Stop User Enumeration User Enumeration (1.3.4)

Severity

Info

Classification

CWE-443 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure