Edio Yenye Shavu

The .git/config file is publicly accessible on the target server, which may expose sensitive repository configuration details. This indicates that the .git directory is improperly exposed, potentially allowing attackers to reconstruct the entire source code repository and extract sensitive informat…

The .git/config file is publicly accessible on the target server, which may expose sensitive repository configuration details. This indicates that the .git directory is improperly exposed, potentially allowing attackers to reconstruct the entire source code repository and extract sensitive information. Although the website may not be explicitly listed in scope, this issue represents a significant security misconfiguration that could impact the organization’s infrastructure and code integrity.