SYM_GEN_0290 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
A Discord client ID was found hard-coded in the source code. Storing credentials or sensitive identifiers directly in code increases the risk of accidental exposure and unauthorized access.
Impact
If this information is leaked, attackers could use it to impersonate your application or target your Discord integration. This could lead to abuse of your Discord bot or service, data leaks, or further compromise of your application's security.