Vulnerability Name
Classifications
Severity
Sensitive Data Exposure – Slack Webhook
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Slack v1.x Token
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – SonarQube User Token
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Square OAuth Secret
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Square Personal Access Token
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Stripe API key
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Symfony Application Secret
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Teams Webhook
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Telegram Bot API Token
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Twilio API Key
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Twitter API Secret Key
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
Sensitive Data Exposure – Twitter Access Token Secret
PCI v3.2-6.5.6, CAPEC-37, CWE-200, ISO27001-A.8.2.1, WASC-WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium