'Exposure of confidential secret or token Dropbox long lived API token'
Description
The response body contains content that matches the pattern of a Dropbox long lived API token was detected. These tokens were deprecated in 2021, see https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens#introducing-scoped-apps for more details. Exposing this value could allow attackers to gain access to all resources granted by this token.
Remediation
For general guidance on handling security incidents with regards to leaked keys, please see the GitLab documentation on Credential exposure to the internet.
Details
| ID | Aggregated | CWE | Type | Risk |
|---|---|---|---|---|
| 798.31 | false | 798 | Passive | High |