Vulnerability
Description
A Java class in the /WEB-INF folder inadvertently exposes sensitive configuration information, potentially containing application credentials or cryptographic keys.
Recommendation
Implement robust access controls to restrict unauthorized access to the /WEB-INF folder and its contents. Consider configuring the web server to deny directory listing or remove the /WEB-INF folder altogether.
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
