Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Twitter API secret credentials have been found hard-coded directly in the source code. Storing secrets in code makes them easily accessible to anyone with code access, risking accidental or malicious disclosure.
Impact#
If leaked, attackers could use these credentials to access your Twitter account or perform unauthorized actions via the Twitter API, potentially leading to data breaches, account takeover, or abuse of your organization’s social media presence.