Files
sif/modules
Tigah ed0cceb75a feat(modules): add n8n settings exposure module (#260)
add a recon module for an n8n instance that serves /rest/settings without
authentication; the endpoint exists so the frontend can load but it discloses
the webhook url structure, instance id, release channel, configured
authentication method and whether owner setup is still pending, which aids
reconnaissance and can indicate a claimable instance; it is unauthenticated by
design so this is reported as information disclosure.
2026-07-02 12:56:26 -07:00
..