Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V4 - Access Control

Critically Sensitive Data - Private API Keys

POC

  • Check the page source and JS files (such as app.js) for hardcoded private API keys
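
The same check run from the defender's side before a bundle ships, as an added example that is not part of the original wiki: a scan that flags hardcoded private keys in built client-side JS. The rule set, the entropy threshold, the function names and the sample `app.js` contents are assumptions constructed for illustration.

```javascript
// Added example; rule names, regexes and the entropy threshold are assumptions.
const RULES = [
  { name: "pem-private-key", re: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/g },
  { name: "stripe-live-secret", re: /\bsk_live_[0-9a-zA-Z]{16,}/g },
];
// Generic rule: a key/secret/token-like name assigned a long string literal.
const ASSIGN = /\b([\w$]*(?:api[_-]?key|secret|token)[\w$]*)["']?\s*[:=]\s*["'`]([^"'`\s]{20,})["'`]/gi;
const MIN_ENTROPY = 4.0; // bits per char; placeholders and words score lower

// Shannon entropy in bits per character.
function entropy(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts).reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
}

// Never echo a full secret into CI logs.
const redact = (v) => `${v.slice(0, 4)}...(${v.length} chars)`;

function findHardcodedSecrets(source, file) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const seen = new Set();
    for (const { name, re } of RULES) {
      for (const m of text.matchAll(re)) {
        seen.add(m[0]);
        findings.push({ file, line: i + 1, rule: name, preview: redact(m[0]) });
      }
    }
    for (const m of text.matchAll(ASSIGN)) {
      // Skip values a specific rule already reported, and low-entropy placeholders.
      if (seen.has(m[2]) || entropy(m[2]) < MIN_ENTROPY) continue;
      findings.push({ file, line: i + 1, rule: "generic-assignment", preview: redact(m[2]) });
    }
  });
  return findings;
}

// Constructed sample bundle; every value below is made up for this example.
const SAMPLE_APP_JS = [
  "const cfg = {",
  '  apiBase: "https://api.example.test/v1",',
  '  publishableKey: "pk_test_CONSTRUCTEDexample0000000",',
  '  apiSecretKey: "sk_live_CONSTRUCTEDexample0000000",',
  '  api_key: "q7Zp2LmX9vRt4KsW8nYb3HdC",',
  '  tokenLabel: "please-enter-your-token-here",',
  "};",
].join("\n");
console.log(findHardcodedSecrets(SAMPLE_APP_JS, "app.js"));
```

Failing the build when the returned list is non-empty keeps the key out of anything served to a browser; a key that has already shipped still needs to be rotated.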

Impact

Medium-High

Likelihood

Medium