Burp Suite User Forum

Should I worry about scanning the \robots.txt file?

Nicole | Last updated: Mar 05, 2020 08:14PM UTC

Hi all, can anyone let me know if it is significant that findings were found in the \robots.txt file. Thank you

Ben, PortSwigger Agent | Last updated: Mar 06, 2020 09:54AM UTC

Hi Nicole, Burp can classify the presence of a robots.txt file as an Information Exposure vulnerability with a severity rating of Information. The severity ratings are based on the typical impact of the issue on a typical application and in this instance Burp is essentially saying that the presence of the robots.txt file might expose sensitive information to a threat actor. You can find out more information on the definition of this particular issue on the following page: https://portswigger.net/kb/issues/00600600_robots-txt-file Please let us know if you require any further information. Cheers Ben Wright Technical Product Specialist PortSwigger Web Security

You need to Log in to post a reply. Or register here, for free.