Details
Alert ID 41
Alert Type Active
Status beta
Risk High
CWE 541
WASC 34
Technologies Targeted All
Tags CWE-541
OWASP_2017_A06
OWASP_2021_A05
POLICY_QA_FULL
More Info Scan Rule Help

Summary

The source code for the current page was disclosed by the web server.

Solution

Ensure that Git metadata files are not deployed to the web server or application server.

Other Info

Example disclosed data.

References

Code

org/zaproxy/zap/extension/ascanrulesBeta/SourceCodeDisclosureGitScanRule.java