|
|
|
|
|
|
by nitwit005
111 days ago
|
|
|
I'd expect the security team to realize what the code is treating as a secret isn't actually secret. But there's a second insight that seems tough for a security review to catch. You have to realize that even though you can't do anything obviously malicious with the API, there is a billing problem. |
|
|