search

DFE-Digital / get-teacher-training-adviser-service

DFE-Digital Get Teacher Training Adviser Service
MIT License
2 stars 3 forks source link

ZAP Full Scan Report #85

Closed github-actions[bot] closed 4 years ago

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:152672204

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:152816769

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:154175659

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:155269510

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:155280252

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159573018

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159580946

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159588409

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159613988

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159718644

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:159736293

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:167413953

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:167423064

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:167462912

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:167472015

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:171228700

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:171535099

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:171623942

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:172465049

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:175450573

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:175518109

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:175746690

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:176850597

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:177021168

github-actions[bot] commented 4 years ago

View the following link to download the report. RunnerID:177215263

joeleonjr commented 1 year ago

Hi! I'm a security researcher @TruffleSecurity. I found a valid API key leaked in a comment in this Issue. I highly recommend rotating the API key immediately (not just deleting the comment). Here's a blog post I wrote on remediating these types of vulnerabilities: https://trufflesecurity.com/blog/remediate-leaked-api-keys-with-key-rotation.

If you can't find the leaked API key, you can use the following TruffleHog command to automatically scan for it:
trufflehog github --repo https://github.com/<your_username>/<your_reponame> --issue-comments --only-verified

If it's not clear where/what the security issue is, please let me know. I'd be happy to help. Please note that the API key might be in the past edit of a comment.