Use of Hard-coded Credentials in cythron/gcp

Valid
Reported on May 18th 2021

✍️ Description

Hard-Coded User Credentials are exposed in the docker file.

🕵️‍♂️ Proof of Concept

https://github.com/cythron/gcp/blob/master/%23Dockerfile#L20

💥 Impact

Attacker is capable of login using given credentials.