Summary

Netsparker identified a directory listing (WebDAV).

The web server responded with a list of files located in the target directory.

Impact
An attacker can see the files located in the directory and could potentially access files which disclose sensitive information.
Actions To Take
  1. Configure the web server to disallow directory listing requests.
  2. If you are not using this extension, it's recommended to be disabled.
Classifications
CAPEC-127, WASC-16, OWASP PC-C6, OWASP 2013-A5 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N