possible vulnerability with /snorby/public/assets/snorby.js

[pares79]

Hi guys,

I was performing some security test in my snorby and I noticed
that when I try to load(on my browser) the http://localhost:3000/assets/snorby.js
or related/similar queries I get the js code loaded;

I m running snorby 2.6.2 on centos 6.8
is this a bug in snorby ?

Thanks

Pares

[pares79]

Hi guys,

it s just an uitliy false positive, which doen t involve the filesystem(traversal directory queries in order to get confidential data) and it s not only related to the snorby.js file

Thanks
Pares