CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory

BaseDraft

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

View on MITRE

Back to CWE Lookup

Technical Details

Structure: Simple

Applicable To

Languages

Not Language-Specific

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-538

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references