This module is rated medium severity: the bundle it checks can lead to security vulnerabilities if it is not properly configured.
If misconfigured, the Symfony FOSJsRoutingBundle can expose sensitive information and potentially allow unauthorized access to routes and resources within the Symfony application.
The module works by sending an HTTP GET request to the "/js/routing?callback=fos.Router.setDatafoobarfoo" endpoint. It then applies several matching conditions to determine if a misconfiguration is present.
The matching conditions include:
- The response body must contain the following words: routes
- The response header must include the word

If all the matching conditions are met, the module will report a misconfiguration in the Symfony FOSJsRoutingBundle.

Reference:
shodan-query: http.html:"symfony Profiler"
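
For teams triaging this finding on their own application, the following added example (not part of the Vidoc module or the original page) parses a captured response from the endpoint above and lists the route names it discloses. The sample body, the `REVIEW_HINTS` list and the function names are constructed for illustration.

```python
import json

# Callback name the module puts in its request (taken from the page).
CALLBACK = "fos.Router.setDatafoobarfoo"
# Assumed review list: name fragments a team would not expect in a public dump.
REVIEW_HINTS = ("admin", "_profiler", "_wdt", "internal")

# Constructed sample of a JSONP routing dump, not captured from a real host.
SAMPLE_BODY = (
    '/**/fos.Router.setDatafoobarfoo({"base_url":"","routes":{'
    '"homepage":{"tokens":[["text","/"]],"defaults":[],"requirements":[]},'
    '"admin_user_edit":{"tokens":[["text","/admin/user/edit"]],'
    '"defaults":[],"requirements":[]}'
    '},"prefix":"","host":"app.example.test","scheme":"https"});'
)


def parse_routing_dump(body, callback=CALLBACK):
    """Return the JSON object wrapped in callback(...), or None."""
    start = body.find(callback + "(")
    end = body.rfind(")")
    if start == -1 or end <= start:
        return None
    payload = body[start + len(callback) + 1:end]
    try:
        data = json.loads(payload)
    except ValueError:
        # The callback name was reflected (e.g. in an error page) but the
        # content is not a routing dump.
        return None
    return data if isinstance(data, dict) else None


def audit_response(body):
    """Summarise which route names a response discloses."""
    data = parse_routing_dump(body)
    # An empty route set is serialised as a list, so only a dict counts.
    if data is None or not isinstance(data.get("routes"), dict):
        return {"exposed": False, "routes": [], "review": []}
    names = sorted(data["routes"])
    review = [n for n in names if any(h in n.lower() for h in REVIEW_HINTS)]
    return {"exposed": True, "routes": names, "review": review}


if __name__ == "__main__":
    print(audit_response(SAMPLE_BODY))
```

Routes listed under `review` are the ones to check first against the bundle's exposure settings.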