Skip to content
Snippets Groups Projects

798.52.md

stage: Application Security Testing
group: Dynamic Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Exposure of confidential secret or token GitHub Personal Access Token

Description

The response body contains content that matches the pattern of a GitHub personal access token. Exposing this value could allow attackers to gain access to all resources granted by this token.

Remediation

Review the response body content and remove any exposed values.

Details

ID Aggregated CWE Type Risk
798.52 false 798 Passive High

Links