use of hard-coded password

StackOverflowIsBetterThanAnyAI · StackOverflowIsBetterThanAnyAI · commit 71e3a20434fe · 2025-02-23T18:44:24.000+01:00
diff --git a/CWE-259/main.js b/CWE-259/main.js
@@ -0,0 +1,18 @@
+const main = async () => {
+    const response = await fetch('/api', {
+        method: 'GET',
+        headers: {
+            'Content-Type': 'application/json',
+            Authorization:
+                'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
+        },
+    })
+
+    const result = await response.json()
+
+    for (let i = 0; i < result.length; i++) {
+        console.log('Potential Denial of Service attack.')
+    }
+
+    return result
+}
