| 107 | } |
| 108 | |
| 109 | func InsecureWebhookPayloadURL(url string) Issue { |
| 110 | return Issue{ |
| 111 | ID: INF_DISC_HTTP_WEBHOOK, |
| 112 | Name: AvailableChecks[INF_DISC_HTTP_WEBHOOK], |
| 113 | Severity: severity.High, |
| 114 | Category: category.InformationDisclosure, |
| 115 | CWEs: []int{319}, |
| 116 | Description: fmt.Sprintf( |
| 117 | "Non-HTTPS webhook detected: %s", |
| 118 | url, |
| 119 | ), |
| 120 | Resources: []resource.Resource{ |
| 121 | {ID: url, Kind: resource.Webhook}, |
| 122 | }, |
| 123 | Remediation: "It is recommended to use HTTPS webhooks if data involved is sensitive and also enable SSL verification as outlined in https://docs.github.com/en/developers/webhooks-and-events/webhooks/creating-webhooks", |
| 124 | } |
| 125 | } |
| 126 | |
| 127 | func OrgAdvancedSecurityDisabled(org string) Issue { |
| 128 | return Issue{ |