Security Test: Frontend Software Component Leak¶
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | Frontend Scanner |
|---|---|---|
Description¶
Default Severity:
Software component leaks happen when a system accidentally reveals details about the software it uses, giving attackers clues about potential weaknesses. This typically occurs when default settings aren’t changed or when error and debug messages aren’t properly hidden, making it easier for attackers to identify outdated or vulnerable components. If these leaks go unaddressed, they can significantly increase the risk of compromise, as attackers know exactly where to look for security flaws within your system.
Configuration¶
Identifier:
frontend_information_disclosure/software_component_leak
Examples¶
All configuration available:
Compliance and Standards¶
| Standard | Value |
|---|---|
| OWASP API Top 10 | API8:2023 |
| OWASP LLM Top 10 | LLM06:2023 |
| PCI DSS | 6.5.3 |
| GDPR | Article-32 |
| SOC2 | CC1 |
| PSD2 | Article-95 |
| ISO 27001 | A.18.1 |
| NIST | SP800-53 |
| FedRAMP | AC-6 |
| CWE | 200 |
| CVSS Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| CVSS Score | 5.3 |