Internet-exposed
Handles PII
Posture
critical: 0
high: 5
medium: 5
low: 4
Ownership
Findings (16)
high | Missing CSP header on auth pages | CodeQL (SAST) | open | 6.2
medium | Race condition in payment idempotency | Semgrep (SAST) | open | 8.3
medium | Excessive Kubernetes RBAC privileges | Wiz (CSPM) | open | 7.1
info | Dependency confusion risk on internal package | CodeQL (SAST) | triaged | 8.2
low | Dependency confusion risk on internal package | Burp Pro PenTest (PenTest) | accepted | 9.6
medium | Path traversal in file download endpoint | SonarQube (SAST) | open | 7.1
low | Missing CSP header on auth pages | tfsec (IaC) | open | 9.9
high | Unencrypted RDS snapshot | Contrast RASP (RASP) | open | 4.8
low | Hardcoded AWS access key in source | Cloudflare WAF (WAF) | triaged | 7
info | Missing rate limiting on /login | Scout Suite (CSPM) | triaged | 4.8
medium | Excessive Kubernetes RBAC privileges | Trivy (Container) | accepted | 7.1
medium | Missing CSP header on auth pages | Snyk (SCA) | open | 4.7
low | SSRF in webhook fetcher | Dependabot (SCA) | open | 7.7