
GitHub Recon

While developing a project, some developers forget to keep sensitive files out of the repository.
Vulnerability Name: Sensitive information exposed on GitHub
Vulnerability Description: While enumerating the target, I found a public repository of the [Company name] leaking sensitive information.
Steps to Reproduce:
  1. Go to the [URL].
  2. There you can see the sensitive data exposed.
Proof-of-concept: Snapshots or video link attached.
Impact: [Create your own attack scenario according to the workflow of the website]
Attack Scenario: [Create your own attack scenario according to the workflow of the website]
Remediation: Make the repository private or delete that vulnerable code.
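
A check for the remediation step, as an added example that is not part of the original template: deleting a file in a new commit leaves it in earlier commits, so the repository owner can audit the history as well as the current tree. The function names and the file-name patterns in `SENSITIVE_RE` are assumptions, and the demo repository and its key are constructed.

```shell
#!/bin/sh
# Added example: compare sensitive file names in the current tree with those
# that were ever committed. The patterns are assumptions; extend them to fit.
SENSITIVE_RE='(^|/)(\.env|id_rsa|credentials\.json|[^/]*\.pem|[^/]*\.key)$'

# Paths matching SENSITIVE_RE that were added in any commit on any ref.
history_sensitive_paths() {
    git -C "$1" log --all --pretty=format: --name-only --diff-filter=A \
        | grep -E "$SENSITIVE_RE" | sort -u
}

# Paths matching SENSITIVE_RE that are present in the HEAD tree right now.
head_sensitive_paths() {
    git -C "$1" ls-tree -r --name-only HEAD \
        | grep -E "$SENSITIVE_RE" | sort -u
}

# Constructed demo: commit a fake .env, then "fix" it by deleting the file.
# Prints the path of the temporary repository.
make_demo_repo() (
    dir=$(mktemp -d) || exit 1
    g() {
        git -C "$dir" -c user.name=demo -c user.email=demo@example.invalid "$@"
    }
    git init -q "$dir" || exit 1
    printf 'API_KEY=constructed-not-a-real-key\n' > "$dir/.env"
    printf 'print("app")\n' > "$dir/app.py"
    g add -A && g commit -q -m "add app and config" || exit 1
    g rm -q .env && g commit -q -m "remove .env" || exit 1
    printf '%s\n' "$dir"
)

# Usage:
#   repo=$(make_demo_repo)
#   head_sensitive_paths "$repo"      # empty: the file is gone from HEAD
#   history_sensitive_paths "$repo"   # .env: still stored in an earlier commit
```

A path that appears only in the history output means the delete did not remove the data from the repository, so the exposed credential should be rotated and the history cleaned or the repository made private.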