Handles PII
Posture
critical: 1
high: 12
medium: 6
low: 3
Ownership
Findings (23)
high | Terraform module pins old AMI with CVEs | tfsec | IaC | triaged | 4.9
high | Terraform module pins old AMI with CVEs | Grype | Container | open | 9.2
high | S3 bucket publicly readable | Scout Suite | CSPM | false positive | 9.7
medium | Missing rate limiting on /login | Semgrep | SAST | open | 7.2
medium | Path traversal in file download endpoint | Wiz | CSPM | open | 7.6
high | Hardcoded AWS access key in source | tfsec | IaC | open | 7.4
medium | Hardcoded AWS access key in source | Burp Pro PenTest | PenTest | triaged | 4.4
high | Log4Shell vulnerable dependency | Contrast RASP | RASP | triaged | 4.2
medium | SQL Injection in user-input handler | Trivy | Container | triaged | 7.3
high | Missing rate limiting on /login | Checkov | IaC | open | 8
high | Open Redis without auth | Cloudflare WAF | WAF | open | 4.8
high | Missing CSP header on auth pages | tfsec | IaC | open | 5.9
low | Log4Shell vulnerable dependency | Checkov | IaC | triaged | 7.4
high | Outdated lodash with prototype pollution | Grype | Container | triaged | 5
info | Cross-site Scripting in profile renderer | Trivy | Container | open | 4.4
critical | Cross-site Scripting in profile renderer | Contrast RASP | RASP | open | 7.8
high | Container running as root | Trivy | Container | triaged | 6.1
medium | Path traversal in file download endpoint | Prowler | CSPM | triaged | 4.9
low | SSRF in webhook fetcher | Checkmarx | SAST | open | 7.3
low | Terraform module pins old AMI with CVEs | Snyk | SCA | open | 9.1