SYM_GEN_0146 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
A Facebook Page Access Token has been found hard-coded in the source code. Storing credentials directly in code exposes them to anyone with access to the repository, increasing the risk of unauthorized use.
Impact
If attackers obtain this token, they can gain control over the associated Facebook Page, potentially posting unauthorized content, accessing private page data, or performing malicious actions that could damage your brand and compromise user trust.