staging.acme-payments.example.com
Created: April 25, 2026
Status: Completed
Findings by severity: 1 Critical, 2 High, 3 Medium, 2 Low
Assessment Timeline: Understanding, Analysis, Audit, Triage, Report
Pending
Findings: All (8), Exploitable (8), Non-Exploitable (0)
| Severity | Title | ID | Status |
|---|---|---|---|
| Critical | Authentication bypass via JWT none-algorithm acceptance | AIS-DEMO-BBX-001 | Open |
| High | Stored XSS in customer notes (admin view) | AIS-DEMO-BBX-002 | Open |
| High | IDOR on order export — cross-tenant read | AIS-DEMO-BBX-003 | Open |
| Medium | Open redirect on post-login URL parameter | AIS-DEMO-BBX-004 | Open |
| Medium | Sensitive endpoint reachable without authentication | AIS-DEMO-BBX-005 | Open |
| Medium | Missing rate limit on login endpoint | AIS-DEMO-BBX-006 | Open |
| Low | Verbose 500 errors leak Django stack traces | AIS-DEMO-BBX-007 | Open |
| Low | Cookie set without `HttpOnly` / `Secure` flags | AIS-DEMO-BBX-008 | Open |