Internet-exposed
Posture
critical: 5
high: 6
medium: 4
low: 4
Ownership
Findings (19)

| Severity | Finding | Tool | Category | Status | |
|---|---|---|---|---|---|
| critical | Path traversal in file download endpoint | Burp Suite | DAST | open | 4.8 |
| high | SQL Injection in user-input handler | Semgrep | SAST | triaged | 8.2 |
| medium | SSRF in webhook fetcher | Burp Suite | DAST | triaged | 4 |
| high | Path traversal in file download endpoint | Contrast RASP | RASP | accepted | 8.3 |
| critical | Log4Shell vulnerable dependency | Dependabot | SCA | open | 6.2 |
| medium | Log4Shell vulnerable dependency | Prowler | CSPM | open | 6.7 |
| high | IAM role with wildcard permissions | Gitleaks | Secrets | open | 8.1 |
| low | Dependency confusion risk on internal package | OWASP ZAP | DAST | open | 5.1 |
| critical | IAM role with wildcard permissions | Checkmarx | SAST | open | 4.5 |
| medium | Outdated lodash with prototype pollution | Contrast RASP | RASP | open | 9.7 |
| critical | Hardcoded AWS access key in source | Burp Pro PenTest | PenTest | open | 6.8 |
| low | Unencrypted RDS snapshot | Scout Suite | CSPM | open | 4.5 |
| critical | Hardcoded AWS access key in source | Checkov | IaC | open | 5.1 |