Summary #

Invicti detected an exposed .zsh_history file on the target website.

Impact #
.zsh_history file may contain sensitive information such as API keys, usernames, and passwords that might help an attacker to compromise the system.
Remediation #

Restrict access to the .zsh_history file on your system.

Classifications #
PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo