Hi, first of all - great work with the repo.
Pagekit Docker Image Exposes .htaccess File
Description
The community Pagekit Docker image (pagekit/pagekit on Docker Hub) allows public access to the .htaccess file located in the web root.
This file contains configuration rules for Apache and should not be exposed, as it can reveal sensitive application details and URL rewrites.
The exposure is due to a missing Apache configuration directive to deny access to hidden files (e.g., <Files ".ht*"> Require all denied ).
Proof of Concept
Screenshot
Details
CWE:
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-284: Improper Access Control
- CWE-285: Improper Authorization
References
Best regards,
Hi, first of all - great work with the repo.
Pagekit Docker Image Exposes .htaccess File
Description
The community Pagekit Docker image (pagekit/pagekit on Docker Hub) allows public access to the .htaccess file located in the web root.
This file contains configuration rules for Apache and should not be exposed, as it can reveal sensitive application details and URL rewrites.
The exposure is due to a missing Apache configuration directive to deny access to hidden files (e.g., <Files ".ht*"> Require all denied ).
Proof of Concept
Screenshot
Details
Affected Docker image:
pagekit/pagekitAffected Docker image - link: https://hub.docker.com/r/pagekit/pagekit
CWE:
References
Best regards,