While developing a project, some developers forget to hide the sensitive file in the repository.
Vulnerability Name: Sensitive information exposed on GitHub
Vulnerability Description: Here while enumerating the target, I found a public repository of the
[Company name]leaking the sensitive information.
Steps to Reproduce:
- 1.Go to the [URL].
- 2.There you can the sensitive data exposed.
Snapshots or video link attached.
Impact: [Create your own attack scenario according to the workflow of website]
Attack Scenario: [Create your own attack scenario according to the workflow of website]
Remediation: Make the repository private or delete that vulnerable code.