# Exposed .git/config File Leading to Potential Sensitive Information Disclosure
Severity: Low
## Vulnerability Details
## Summary:
The `.git/config` file is publicly accessible on the target server, which exposes repository configuration details (remote URLs, branch settings and any credentials embedded in remote URLs). A readable `.git/config` indicates that the `.git` directory is served by the web server; if `.git/HEAD`, `.git/refs/` and `.git/objects/` are also reachable, an attacker can reconstruct the source repository with publicly available tooling and search it for secrets.
Although the website may not be explicitly listed in scope, this issue represents a security misconfiguration that could affect the organization's infrastructure and code integrity.
## Steps To Reproduce:
```
curl -i -A "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" "https://curl.se/dash/.git/config"
```
A response of `200 OK` whose body starts with `[core]` confirms the file is being served. A `200` that returns the site's generic HTML page for any path (a catch-all route) is not a finding; check the body, not just the status code.
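As an added example (not the reporter's tooling and not code from the curl project), the Python script below performs the same check in a way that separates a genuinely exposed repository from a catch-all server that answers `200` to every path, then parses the retrieved config for remote URLs and credentials embedded in them. The host `example.invalid`, the `fake_fetch` responses and `SAMPLE_CONFIG` are constructed for offline use; pointing `probe_git_dir` at a real base URL with the default `fetch_http` runs it against a live target you are authorized to test.

```python
"""Triage helper for an exposed .git/ directory (added example, hypothetical names)."""
import re
import urllib.error
import urllib.request
from urllib.parse import urlsplit, urlunsplit

# Probe paths and the content each must have to count as a real git artefact.
# Matching on body content, not just HTTP 200, avoids the catch-all false positive.
GIT_PROBES = {
    ".git/HEAD": re.compile(r"^(ref: refs/|[0-9a-f]{40}$)"),
    ".git/config": re.compile(r"^\s*\[core\]", re.M),
}

def fetch_http(url, timeout=10):
    """Live fetch with urllib: returns (status, body_text); (None, '') on network error."""
    req = urllib.request.Request(url, headers={"User-Agent": "git-exposure-check/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, ""
    except (urllib.error.URLError, OSError):
        return None, ""

def probe_git_dir(base_url, fetch=fetch_http):
    """Return {path: body} only for probes whose body looks like the real git file."""
    base = base_url if base_url.endswith("/") else base_url + "/"
    hits = {}
    for path, pattern in GIT_PROBES.items():
        status, body = fetch(base + path)
        if status == 200 and pattern.search(body.lstrip()):
            hits[path] = body
    return hits

# Minimal parser for git's INI-like config: [section "subsection"] and key = value.
SECTION_RE = re.compile(r'^\s*\[([^\s\]"]+)(?:\s+"([^"]*)")?\]\s*$')
KEY_RE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*?)\s*$")

def parse_git_config(text):
    """Parse .git/config into {(section, subsection_or_None): {key: value}}."""
    sections, current = {}, None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#;":
            continue
        m = SECTION_RE.match(line)
        if m:
            current = (m.group(1).lower(), m.group(2))
            sections.setdefault(current, {})
            continue
        m = KEY_RE.match(line)
        if m and current is not None:
            sections[current][m.group(1).lower()] = m.group(2)
    return sections

def triage(config_text):
    """Extract remotes and flag any whose URL embeds a password or token."""
    findings = {"remotes": [], "credentials_in_url": []}
    for (kind, name), kv in parse_git_config(config_text).items():
        if kind != "remote" or "url" not in kv:
            continue
        url = kv["url"]
        parts = urlsplit(url)
        if parts.password is not None:
            findings["credentials_in_url"].append(name)
            # Redact the secret before the URL goes into a report or ticket.
            netloc = parts.hostname + (f":{parts.port}" if parts.port else "")
            url = urlunsplit((parts.scheme, f"{parts.username}:***@{netloc}",
                              parts.path, parts.query, parts.fragment))
        findings["remotes"].append((name, url))
    return findings

# Constructed sample data so the script runs offline.
SAMPLE_CONFIG = """[core]
    repositoryformatversion = 0
    filemode = true
    bare = false
[remote "origin"]
    url = https://deploy:s3cr3t@git.example.invalid/web/dashboard.git
    fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
    remote = origin
    merge = refs/heads/main
"""
SAMPLE_RESPONSES = {
    "https://example.invalid/dash/.git/HEAD": (200, "ref: refs/heads/main\n"),
    "https://example.invalid/dash/.git/config": (200, SAMPLE_CONFIG),
}

def fake_fetch(url):
    """Simulated server: real git files under /dash/, a 200 HTML page for everything else."""
    return SAMPLE_RESPONSES.get(url, (200, "<html><body>Dashboard</body></html>"))

if __name__ == "__main__":
    hits = probe_git_dir("https://example.invalid/dash/", fetch=fake_fetch)
    print("confirmed git artefacts:", sorted(hits))
    if ".git/config" in hits:
        print(triage(hits[".git/config"]))
    # Catch-all path: HTTP 200 everywhere, but no git content, so no finding.
    print("catch-all path hits:", probe_git_dir("https://example.invalid/other/", fetch=fake_fetch))
```

The content checks in `GIT_PROBES` are the part worth keeping: `HEAD` must be a `ref:` line or a 40-hex object id and `config` must contain a `[core]` section. Those two files are also what `git-dumper`-style tools start from, so a hit on both means the repository is very likely dumpable, while a `200` with HTML means the finding would be closed as not applicable.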
## Additional Notes:
Even if this specific asset is out of scope, exposed .git directories are widely recognized as misconfigurations and may still be considered under “good faith” reporting due to their security implications.
## POC
{F5558707}
## Impact
- Exposure of internal repository configuration
- Remote repository URLs
- Developer usernames/emails (when a `[user]` section is present)
- Deployment structure
- Possibility to dump the full repository using publicly available tools, if `.git/objects/` and `.git/refs/` are also served
- Source code disclosure
- Credential leakage (tokens or passwords embedded in remote URLs, or secrets committed to the repository)
## Report Stats
- Report ID: 3612891
- State: Closed
- Substate: not-applicable