Description
The web application exposes Node.js Inspector port. It's not recommended to have Node.js Inspector service publicly accessible as the debugger has full access to the Node.js execution environment and an attacker may be able to execute arbitrary javascript code.
Remediation
Disable Inspector or restrict access to it
References
Related Vulnerabilities
WordPress Plugin SSL Insecure Content Fixer Information Disclosure (2.0.0)
Xdebug remote code execution via xdebug.remote_connect_back
Cookie signed with weak secret key
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1831)
WordPress Plugin Doneren met Mollie Information Disclosure (2.8.4)