DerScanner
Home / Vulnerability Database / JavaScript : Web3: Hardcoded sensitive data
JavaScript

JavaScript : Web3: Hardcoded sensitive data

Classification

OWASP Top 10 2021
A4-Insecure Design
CWE
CWE-257CWE-522CWE-798
CWE/SANS Top 25 2011
CWE-798
CWE/SANS Top 25 2021
CWE-522CWE-798

Overview

Web3 library is probably used.

Sensitive data is hardcoded in the source code.

References

  1. The best way to store secrets in your app is not to store secrets in your app - poka-techblog
  2. Web3js documentation
  3. CWE-798: Use of Hard-coded Credentials
CRITICAL

DerScanner Severity Score

Do you want to fix JavaScript : Web3: Hardcoded sensitive data in your application?

See also

JavaScript

JavaScript : Null salt

JavaScript

JavaScript : Empty encryption key

JavaScript

JavaScript : Unsafe Azure access control