
fix Hard-coded credentials

Open odaysec opened this issue 9 months ago • 0 comments

Including unencrypted hard-coded authentication credentials in source code is dangerous because the credentials may be easily discovered, the code may be open source, or it may be leaked or accidentally revealed, making the credentials visible to an attacker. This, in turn, might enable them to gain unauthorized access, or to obtain privileged information.

CWE-259. CWE-321. CWE-798.

✅ Checks

  • [x] CI tests (if present) are passing
  • [x] Adheres to code style for repo
  • [x] Contributor License Agreement (CLA) completed if not a Reddit employee

odaysec, Apr 16 '25 00:04