bug

[ahmed23132]

Dear GitHub Security Team,

I would like to report a security incident involving a public repository that contains sensitive information.

Repository Information:

Repository URL: https://github.com/hubrix/arcamens/blob/0d8dc839d0840532cbeb811320e161b881715376/NOTES.md?plain=1#L4
Repository Owner: [Insert repository owner's username or organization name]
Commit/Branch: [Provide commit hash or branch name where the information was found, if possible]

Description of the Issue: In the aforementioned repository, I found sensitive data that should not have been made public. Specifically, I came across PayPal sandbox account credentials (email and password), which could potentially be used to access accounts in the PayPal sandbox environment.

The credentials found are as follows:

PayPal Buyer Email: paypal-sandbox-buyer@portonvictor.org
Password: Lv8JDFEc
PayPal Merchant Email: paypal-sandbox-merchant@portonvictor.org
Password: Lv8JDFEc

This is a significant security risk as it exposes sensitive account credentials in a public space. I believe this information should be removed immediately to prevent any potential misuse.

Steps Taken: I have not attempted to access any account or use the provided credentials in any way. I am reporting this issue to ensure it is handled appropriately.

Action Requested: Please investigate this issue and remove any sensitive information from the repository to prevent any potential misuse.

Attached Screenshot:

Thank you for your prompt attention to this matter.

Sincerely :Ahmed Ali
Email Address :elshekh57357@gmail.com

[github-actions]

Internal Jira issue: DOCS-714

[ahmed23132]

ok don

[DMarinhoCodacy]

Hello @ahmed23132 ,

Thanks for reaching out!

Did you see some sensitive data in any of the Codacy repositories? If so, can you point me to the repository where you see such a bug?

Kind regards,
David Marinho