Description
The file _vti_pvt/authors.pwd can be read. This file contains sensitive information and should not be available.
Remediation
Restrict access to this file be settings proper permissions to _vti_pvt directory or directly to authors.pwd.
References
Related Vulnerabilities
WordPress Plugin WP SlackSync Information Disclosure (1.8.5)
Apache Tapestry weak secret key
WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)
Node.js Debugger Unauthorized Access Vulnerability
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability