⌘
K
2
2
Assessments
acme-payments.example.com
acme-payments.example.com
Created
04.22.2026
Apr 22
Apr 22, 2026
April 22, 2026
Status
Completed
Team
Team
1
Crit
3
High
4
Med
3
Low
Assessment Timeline
Understanding
Analysis
Audit
Triage
Report
Pending
ALL
All
(12)
EXP
Exploitable
(11)
NONEXP
Non-Exploitable
(1)
Status
All Severities
Actions (0)
Severity
Title
ID
Status
Critical
Hard-coded service-account secret in repository
AIS-DEMO-WBX-001
Open
High
SQL injection via raw query in admin search
AIS-DEMO-WBX-002
Open
High
Server-side request forgery in webhook delivery
AIS-DEMO-WBX-003
Open
High
Missing authorisation on order export endpoint
AIS-DEMO-WBX-004
Open
Medium
Insecure JWT signing key derived from env defaults
AIS-DEMO-WBX-005
Open
Medium
XSS via unescaped customer notes in admin UI
AIS-DEMO-WBX-006
Open
Medium
Cryptographic operation uses MD5 for password reset tokens
AIS-DEMO-WBX-007
Open
Medium
Misconfigured CORS allows any origin with credentials
AIS-DEMO-WBX-008
Open
Low
Verbose error responses leak stack traces in production
AIS-DEMO-WBX-009
Open
Low
Secrets logged in payment retry handler
AIS-DEMO-WBX-010
Open
Low
Missing rate limit on password reset request endpoint
AIS-DEMO-WBX-011
Open
Info
Repository contains stale test fixtures with real customer data
AIS-DEMO-WBX-012
Open
Show
50
Page 1 of 1
Scans
Findings
Reports
New
Org
Billing
Settings
DEMO