Description

One or more pages disclosing source code were found. This check is using pattern matching to determine if server side tags are found in the file. In some cases this alert may generate false positives.

Remediation

Remove these file(s) from your website or change their permissions to remove access.

References

Why is Source Code Disclosure Dangerous?

CWE-540: Inclusion of Sensitive Information in Source Code

Related Vulnerabilities

WordPress Plugin Better WordPress Minify Arbitrary File Disclosure (1.2.2)

WordPress Plugin Child Theme Configurator Arbitrary File Disclosure (1.7.4)

WordPress Plugin Crayon Syntax Highlighter Local File Disclosure (2.6.10)

SAP NetWeaver server info information disclosure

ZK Framework AuUploader Information Disclosure (CVE-2022-36537)

Severity

Medium

Classification

CWE-538 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Source Code Disclosure Information Disclosure