Internet-exposed
Handles PII
Posture
critical: 2
high: 3
medium: 5
low: 6
Ownership
Findings (18)
| Severity | Finding | Tool | Category | Status | Score |
|---|---|---|---|---|---|
| info | SSRF in webhook fetcher | OWASP ZAP | DAST | accepted | 8.5 |
| info | Missing rate limiting on /login | Dependabot | SCA | triaged | 4.5 |
| low | Container running as root | tfsec | IaC | open | 5.5 |
| low | Unencrypted RDS snapshot | Checkmarx | SAST | triaged | 5.6 |
| high | Path traversal in file download endpoint | Checkmarx | SAST | open | 9.8 |
| medium | Log4Shell vulnerable dependency | CodeQL | SAST | triaged | 8.9 |
| medium | Path traversal in file download endpoint | CodeQL | SAST | triaged | 9.1 |
| critical | IAM role with wildcard permissions | Checkov | IaC | false positive | 9.8 |
| low | Outdated lodash with prototype pollution | Contrast RASP | RASP | accepted | 9.1 |
| high | Path traversal in file download endpoint | Semgrep | SAST | open | 9.1 |
| low | Log4Shell vulnerable dependency | Snyk | SCA | false positive | 4.1 |
| medium | Path traversal in file download endpoint | Dependabot | SCA | accepted | 8.4 |
| medium | Excessive Kubernetes RBAC privileges | SonarQube | SAST | open | 8 |
| critical | Race condition in payment idempotency | Gitleaks | Secrets | triaged | 4.4 |
| low | Cross-site Scripting in profile renderer | TruffleHog | Secrets | false positive | 8 |
| low | SQL Injection in user-input handler | Dependabot | SCA | false positive | 7 |
| high | Open Redis without auth | Gitleaks | Secrets | open | 6 |