Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A Picatic API key has been found directly in the codebase. Storing API keys in source code exposes them to anyone with code access, increasing the risk of unauthorized use.
Impact#
If attackers obtain this API key, they could access or manipulate your Picatic account, potentially leading to data breaches, financial loss, or abuse of your organization’s event management services.