161 – Missing secure obfuscation
Description
It is possible to obtain source code from the application since it has not been securely obfuscated. This could allow an attacker to understand the inner workings of the application or obtain technical or sensitive information.
Impact
Understand the inner workings of the application to generate new attack vectors.
Recommendation
Obfuscate the applications JavaScript to prevent leakage of technical information that could reveal vulnerable features.
Threat
Anonymous attacker from the Internet.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: L
- Attack Requirements: N
- Privileges required: N
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): N
- Availability (VA): N
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: U