Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
An API key appears to be hardcoded directly into the codebase. Storing sensitive credentials in source code makes them easy to accidentally expose or leak.
Impact#
If an attacker obtains this API key, they could gain unauthorized access to external services or systems, potentially leading to data breaches, service abuse, or financial loss for the organization.