CASE_STUDY

Vulnerability Assessment of a Node.js Web App

Oct 05, 2025 10 min read MH4S33B/Web_Project
Matrix

In the ever-evolving digital landscape, web applications continue to be lucrative targets for malicious actors. As part of a proactive security initiative, I conducted a thorough vulnerability assessment on a Node.js-based web application designed with user management features including registration, login, and profile management.

This article outlines the assessment process, the vulnerabilities uncovered, and the remediation strategies recommended to secure the application against common attack vectors.

🎯 Target Overview

  • App Name: Web_Project
  • Tech Stack: Node.js, Express
  • Date: 20 April 2025
  • Type: Static & Dynamic Analysis

๐Ÿ› ๏ธ Tools Used

  • OWASP ZAP
  • Browser DevTools
  • Manual Testing

🧪 Test Environment Setup

To replicate the application and simulate real-world usage, the following steps were performed:

# Clone the Repository
git clone https://github.com/MH4S33B/Web_Project.git
cd Web_Project

# Install Dependencies
npm install

# Launch
npm start

๐Ÿ›ก๏ธ Key Vulnerabilities Identified

1. Cross-Site Scripting (XSS)

HIGH

Issue: Input such as <script>alert('XSS');</script> in the "Name" field was executed on page render.

Impact:

  • Arbitrary script execution
  • Cookie theft
  • Redirection to malicious websites

Fix: Sanitize input (DOMPurify) & Implement CSP.

2. SQL Injection

CRITICAL

Payload: admin' OR '1'='1

Issue: Bypassed login authentication via unsanitized SQL query strings.

Impact:

  • Full authentication bypass
  • Unauthorized data access
  • Remote Code Execution (RCE)

Fix: Use Parameterized Queries or ORM (Sequelize/Prisma).

3. Missing Security Headers

MEDIUM

Missing: X-Frame-Options, HSTS, X-XSS-Protection.

Fix: Implement Helmet middleware.

const helmet = require('helmet');
app.use(helmet());

4. Sensitive File Enumeration

MEDIUM

Issue: 404 responses for sensitive paths such as /WEB-INF/web.xml hint at the application's internal structure.

Fix: Block internal paths & Return 403 Forbidden.

✅ Conclusion

Security Posture: AT RISK

This assessment uncovered several critical vulnerabilities that could expose the application to real-world exploitation. Of particular concern are the SQL Injection and XSS flaws, both of which could be leveraged for severe compromise of user data.

It is highly recommended that a comprehensive code review and follow-up penetration test be conducted post-remediation to ensure a hardened security posture.