2021-01-02 20:52:32 +00:00
id : package-json
info :
2023-02-05 18:29:07 +00:00
name : npm Config - Detect
2021-06-09 12:20:56 +00:00
author : geeknik,afaq
2021-01-02 20:52:32 +00:00
severity : info
2023-02-05 22:10:01 +00:00
description : npm configuration information was detected. All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project.
2023-02-05 18:28:39 +00:00
reference : https://www.npmjs.com
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score : 5.3
cwe-id : CWE-200
2021-04-06 06:46:11 +00:00
tags : config,exposure
2021-01-02 20:52:32 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/package.json"
2021-01-07 18:56:47 +00:00
- "{{BaseURL}}/package-lock.json"
2021-01-02 20:52:32 +00:00
matchers-condition : and
matchers :
- type : word
words :
- "name"
- "version"
condition : and
- type : word
words :
- "application/json"
part : header
- type : status
status :
2023-02-05 18:28:39 +00:00
- 200
# Enhanced by mp on 2023/02/05