CWE-538
Insertion of Sensitive Information into Externally-Accessible File or Directory
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
Official CWE-538 definition at MITREImpactr finds and proves weaknesses like CWE-538 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist