Closed jaleelsyed closed 1 year ago
Message : This issue is manually closed from FX control plane.
Title: Pii Vulnerability on GET:/api/v1/savings-account/savings-account
Project: NB 58
Description:
Assertion
Overview: Personally Identifiable Information or PII is any data that can be used to break the anonymity of an interaction. It is closely tied to privacy and tracking regulations. Examples of PII are government ID numbers, addresses, and phone numbers.
Severity: Varies by data exposed
Impact: High Business Impact
Exploitation: Medium
References: OWASP Sensitive Data Exposure (https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure)
Risk: Pii
Severity: Medium
API Endpoint: http://netbanking.apisec.ai:8080/api/v1/savings-account/savings-account
Environment: Master
Playbook: ApiV1SavingsAccountSavingsAccountGetPii
Researcher: Default
QUICK TIPS
Suggestion:
Effort Estimate: null Hrs
Wire Logs:
IMPORTANT LINKS
Vulnerability Details: https://cloud.apisec.ai/#/app/vulnerabilities/projects/8adc80ec84e1cb220184e5f27d494dfb/dashboard/8adc81e585bef95e0185c041a27e172e/details
Project: https://cloud.apisec.ai/#/app/projects/8adc80ec84e1cb220184e5f27d494dfb/dashboard
Environment: https://cloud.apisec.ai/#/app/config-environments/projects/8adc80ec84e1cb220184e5f27d494dfb/environmentList
Coverage: https://cloud.apisec.ai/#/app/config-categories/projects/8adc80ec84e1cb220184e5f27d494dfb/categories
PS: Please contact support@apisec.ai for apisec access and login issues.
--- apisec Bot ---
Title: Pii Vulnerability on GET:/api/v1/savings-account/savings-account
Project: NB 58
Description:
Assertion
Risk: Pii
Severity: Medium
API Endpoint: http://netbanking.apisec.ai:8080/api/v1/savings-account/savings-account
Environment: Master
Playbook: ApiV1SavingsAccountSavingsAccountGetPii
Researcher: [apisec Bot]
QUICK TIPS
Suggestion:
Effort Estimate: null Hrs
Wire Logs:
IMPORTANT LINKS
Vulnerability Details: https://cloud.apisec.ai/#/app/vulnerabilities/projects/8adc80ec84e1cb220184e5f27d494dfb/dashboard/8adc81e585bef95e0185c041a27e172e/details
Project: https://cloud.apisec.ai/#/app/projects/8adc80ec84e1cb220184e5f27d494dfb/dashboard
Environment: https://cloud.apisec.ai/#/app/config-environments/projects/8adc80ec84e1cb220184e5f27d494dfb/environmentList
Scan Dashboard: https://cloud.apisec.ai/#/app/projects/8adc80ec84e1cb220184e5f27d494dfb/profiles/8adc80eb84e1c98e0184e5f2a02953c6/runs/8adc800d85bef5300185c04170912a01
Playbook: https://cloud.apisec.ai/#/app/projects/8adc80ec84e1cb220184e5f27d494dfb/playbooks/ApiV1SavingsAccountSavingsAccountGetPii
Coverage: https://cloud.apisec.ai/#/app/config-categories/projects/8adc80ec84e1cb220184e5f27d494dfb/categories
Code Sample: https://cloud.apisec.ai/#/app/vulnerabilities/projects/8adc80ec84e1cb220184e5f27d494dfb/dashboard/8adc81e585bef95e0185c041a27e172e/codesamples
PS: Please contact support@apisec.ai for apisec access and login issues.
--- apisec Bot ---