Internet-exposed
Handles PII
Posture
critical: 1
high: 7
medium: 6
low: 5
Ownership
Findings (23)
high | Missing CSP header on auth pages | SonarQube (SAST) | open | 7.7
low | SSRF in webhook fetcher | Burp Pro PenTest (PenTest) | open | 9.9
medium | S3 bucket publicly readable | Prowler (CSPM) | accepted | 7.5
medium | Terraform module pins old AMI with CVEs | Contrast RASP (RASP) | triaged | 9
low | S3 bucket publicly readable | Burp Pro PenTest (PenTest) | triaged | 7.6
high | Cross-site Scripting in profile renderer | TruffleHog (Secrets) | open | 5.3
low | Terraform module pins old AMI with CVEs | Checkov (IaC) | open | 9.9
info | Container running as root | SonarQube (SAST) | triaged | 5.2
medium | Outdated lodash with prototype pollution | SonarQube (SAST) | accepted | 6.5
high | Unencrypted RDS snapshot | Snyk (SCA) | open | 7.4
high | Container running as root | Semgrep (SAST) | triaged | 7.8
info | Outdated lodash with prototype pollution | SonarQube (SAST) | triaged | 4.9
high | Dependency confusion risk on internal package | Snyk (SCA) | false positive | 6.7
high | Insecure deserialization in message queue consumer | TruffleHog (Secrets) | open | 9.1
medium | JWT signed with weak HS256 secret | Snyk (SCA) | open | 7.7
info | SSRF in webhook fetcher | Cloudflare WAF (WAF) | open | 4.2
low | SSRF in webhook fetcher | SonarQube (SAST) | accepted | 8.4
medium | Container running as root | OWASP ZAP (DAST) | false positive | 7.6
low | SQL Injection in user-input handler | Contrast RASP (RASP) | open | 8.5