Exposure of Sensitive Information Due to Incompatible Policies in ethibox/stacks

Valid

Reported on

Jul 8th 2021


✍️ Description

Please enter a description of the vulnerability.

1)Visit https://github.com/ethibox/stacks/blob/master/wordpress.yml#L47-L50 for the exposed database credentials

💥 Impact

This vulnerability is capable of database getting compromised.

We have contacted a member of the ethibox/stacks team and are waiting to hear back 3 months ago
ethibox/stacks maintainer confirmed that a fix has been merged on 571266 2 months ago
The fix bounty has been dropped