Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The code includes hard-coded credentials within a URL, exposing sensitive information directly in the source code. Storing secrets like usernames or passwords in code makes them accessible to anyone with code access, increasing the risk of leaks.
Impact#
If these credentials are exposed, attackers could gain unauthorized access to protected systems or services, potentially leading to data theft, unauthorized changes, or service disruption. This can compromise both the security of your application and the privacy of users or business data.