13 行
671 B
JSON
13 行
671 B
JSON
{
|
|
"canonical_id": "magento-open-source--d462b2a6cb",
|
|
"system_id": "magento-open-source",
|
|
"title": "ConnectPOS leaked Github secrets for years 2026-01-12 Sansec discovered that ConnectPOS has been showing their Github credentials on their site for 4 years. This would enable attackers to slip malicious code into each of the thousands of ConnectPOS retail installations. Sansec recommends to verify integrity of installed code. skimming supply-chain magento connectpos +2",
|
|
"reasons": [
|
|
"missing affected/fixed version details"
|
|
],
|
|
"candidate_count": 1,
|
|
"references": [
|
|
"https://sansec.io/research/connectpos-github-token-exposure"
|
|
]
|
|
}
|