Vulnerability Name
Classifications
Severity
Express express-session Weak Secret Key Detected
CWE-200, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Express Development Mode Is Enabled
CWE-200, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
RSA Private Key Detected
CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Medium
Information Disclosure (Microsoft Office)
PCI v3.2-6.5.5, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13
Low
Internal IP Address Disclosure
CWE-200, ISO27001-A.18.1.4, OWASP 2013-A6, OWASP 2017-A3
Low
Windows Username Disclosure
PCI v3.2-6.5.5, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Low
Referrer-Policy Not Implemented
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Best Practice
CDN Detected (Azure CDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Arvan Cloud)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Akamai)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Airee)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Fastly)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information