Skip to content

Commit

Permalink
Apply suggestions from code review
Browse files Browse the repository at this point in the history 
Co-authored-by: Jamie Anderson <[email protected]>
  • Loading branch information
@loris-s-sonarsource @jamie-anderson-sonarsource
loris-s-sonarsource and jamie-anderson-sonarsource authored Nov 15, 2024
1 parent 8a38ac4 commit 466d3ae
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion rules/S7161/secrets/rule.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ the least:
2. Personal access tokens (PAT)
3. "Credentials token", received after a SignIn request

Their scopes vary in terms of lifetime, access, and impact.
Their scopes vary in terms of lifetime, access, and privileges.

Below are some real-world scenarios that illustrate some impacts of an attacker
exploiting the secret.
Expand Down
2 changes: 1 addition & 1 deletion shared_content/secrets/impact/dataviz_takeover.adoc
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
==== Dataviz Corruption and Takeover
==== Data visualization corruption and takeover

With control over the {service_name} application, the attacker can modify
dashboards, alter data sources, or inject malicious code. This can result in the
Expand Down

0 comments on commit 466d3ae

Please sign in to comment.