Description
Dear GitHub Security Team,
I would like to report a security incident involving a public repository that contains sensitive information.
Repository Information:
Repository URL: https://github.com/hubrix/arcamens/blob/0d8dc839d0840532cbeb811320e161b881715376/NOTES.md?plain=1#L4
Repository Owner: [Insert repository owner's username or organization name]
Commit/Branch: [Provide commit hash or branch name where the information was found, if possible]
Description of the Issue: In the aforementioned repository, I found sensitive data that should not have been made public. Specifically, I came across PayPal sandbox account credentials (email and password), which could potentially be used to access accounts in the PayPal sandbox environment.
The credentials found are as follows:
PayPal Buyer Email: paypal-sandbox-buyer@portonvictor.org
Password: Lv8JDFEc
PayPal Merchant Email: paypal-sandbox-merchant@portonvictor.org
Password: Lv8JDFEc
This is a significant security risk as it exposes sensitive account credentials in a public space. I believe this information should be removed immediately to prevent any potential misuse.
Steps Taken: I have not attempted to access any account or use the provided credentials in any way. I am reporting this issue to ensure it is handled appropriately.
Action Requested: Please investigate this issue and remove any sensitive information from the repository to prevent any potential misuse.
Attached Screenshot:
Thank you for your prompt attention to this matter.
Sincerely :Ahmed Ali
Email Address :elshekh57357@gmail.com