Description
The web application exposes Node.js Inspector port. It's not recommended to have Node.js Inspector service publicly accessible as the debugger has full access to the Node.js execution environment and an attacker may be able to execute arbitrary javascript code.
Remediation
Disable Inspector or restrict access to it
References
Related Vulnerabilities
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability
WordPress Plugin Yoast SEO Information Disclosure (3.2.4)
Snoop Servlet information disclosure
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.7)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664)