CWE-258
Empty Password in Configuration File
Using an empty string as a password is insecure.
Official CWE-258 definition at MITREImpactr finds and proves weaknesses like CWE-258 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist