Download Netsparker
Pricing
Blog
Contact
Netsparker

CVS Repository Detected (Including Source Code & Development Data)

Netsparker detected a CVS repository file.

Impact

CVS repository files can disclose the CVS physical path, CVS name and CVS file list. While disclosures of this type do not provide chances of direct attack, they can be useful for an attacker when combined with other vulnerabilities or during the exploitation of some other vulnerabilities.

Remedy

Do not leave CVS repository files on development environments. If there is a business requirement to do so, implement access control mechanisms to stop public access to CVS repository files. 


Go back to the Complete list of Vulnerability Checks.