SYM_GEN_0236 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
An Algolia API key has been found hard-coded in the source code. Storing credentials directly in code exposes them to anyone with access to the repository, increasing the risk of secret leaks.
Impact
If an attacker obtains this API key, they could access or manipulate your Algolia search data, potentially leading to unauthorized data exposure, service abuse, or increased costs. This could compromise user privacy and the integrity of your application.