Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.
Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.