Merge pull request #73 from suculent/cx-one

added sample vulnerability (CWE-200)
suculent · Aug 8, 2023 · e5ab040 · e5ab040
2 parents 24316ea + 5db35d3
commit e5ab040
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/nodejs/index.js b/nodejs/index.js
@@ -8,6 +8,9 @@ var key = CryptoJS.enc.Hex.parse(AESKey);
 
 var message = "username:password";
 
+const password = AESKey;
+console.log(password); // added vulnerability
+
 // ENCRYPT /////////////////////////////////////////////////////////////////////
 
 // Encrypt