You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description
A method uses a hard-coded password that may compromise system security in a way that cannot be easily remedied.
The use of a hard-coded password significantly increases the possibility that the account being protected will be
compromised. Moreover, the password cannot be changed without patching the software. If a hard-coded password
is compromised in a commercial product, all deployed instances may be vulnerable to attack.
Recommendations
Store passwords out-of-band from the application code. Follow best practices for protecting credentials stored in
locations such as configuration or properties files.
The text was updated successfully, but these errors were encountered:
Content & configuration
Doing static code analysis, found CWE 259 problem in following line.
https://github.com/swagger-api/swagger-ui/blob/v3.25.0/src/core/components/auth/oauth2.jsx#L105
Description
A method uses a hard-coded password that may compromise system security in a way that cannot be easily remedied.
The use of a hard-coded password significantly increases the possibility that the account being protected will be
compromised. Moreover, the password cannot be changed without patching the software. If a hard-coded password
is compromised in a commercial product, all deployed instances may be vulnerable to attack.
Recommendations
Store passwords out-of-band from the application code. Follow best practices for protecting credentials stored in
locations such as configuration or properties files.
The text was updated successfully, but these errors were encountered: