CWE-615
Inclusion of Sensitive Information in Source Code Comments
While adding general comments is very useful, some programmers tend to leave important data, such as: filenames related to the web application, old links or links which were not meant to be browsed by users, old code fragments, etc.
Official CWE-615 definition at MITREImpactr finds and proves weaknesses like CWE-615 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist