GCP Credentials exposed in plain text - Githubissues

syscoin / syscoin-fusion

Syscoin Fusion Whitelabel wallet

MIT License

4 stars 2 forks source link

GCP Credentials exposed in plain text #35

Open arshadkazmi42 opened 5 months ago

arshadkazmi42 commented 5 months ago

Summary

This repository exposing GCP credentials in plain text

Steps

Go to https://github.com/syscoin/syscoin-fusion/commit/bfce4dc02a3ab890f43f2832f377651631c6e92c#diff-04df02366c5259737d7bdd418becd51be51d23c5d7b2ecf09223d6d23e659f4cR1
You will see the credentials.json GCP file in plain text

Note: Is this report eligible for any monetary rewards?