Full Path Disclosure

[bright-security-golf]

Full Path Disclosure

Severity: Medium Discovered: 08 of November-2025, 09:31 PM UTC

CWE ID

CWE-200

CVSS

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Webroot files and directories are exposed to the attacker. This information can be used to further exploit the system using attack vectors such as Local File Inclusion (LFI) and Directory Traversal. It can lead to the disclosure of sensitive information such as configuration files, source code, and other sensitive information.

Possible exposure

Read Application Data; Access to Privileged Information

Remediation suggestions

Ensure that the application does not expose full path information to the attacker. This can be achieved by configuring exception handling to display generic error messages to the user and logging detailed error messages to the server logs.

Request

GET http://docker:3000/api/auth/jwt/x5c/validate HTTP/1.1
Cookie: connect.sid=Ox5E-zzJX_mWcILPxcLBkgF5_ECdBoiH.6kj2REV%2FWV3c%2BL%2BV2CqZualiZRuvdZa2jWZMNSkSOog
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.7258.154 Safari/537.36
authorization: Bearer <JWT_TOKEN>

Response

HTTP/1.1 401
date: Sat, 08 Nov 2025 21:31:39 GMT
Connection: close
Set-Cookie: connect.sid=Ox5E-zzJX_mWcILPxcLBkgF5_ECdBoiH.6kj2REV%2FWV3c%2BL%2BV2CqZualiZRuvdZa2jWZMNSkSOog; domain=docker; path=/
content-type: application/json; charset=utf-8
Cache-Control: public, max-age=99999
content-length: 70

{"error":"Unauthorized","line":"/usr/src/app/dist/auth/auth.guard.js"}

External links

• cwe.mitre.org
• www.owasp.org
• docs.brightsec.com
• development.playground.brightsec.com