L01 Logging Exposure
What this means
SiteShadow flagged log statements that may include secrets, credentials, tokens, or sensitive user data.
Why it matters
Logs are widely accessible; leaked secrets can enable account compromise.
- Logs spread: dev machines, CI output, third-party log vendors, support tickets.
- Long retention: even after you "fix the code," old logs still contain the data.
- Compliance risk: PII in logs causes audit and breach-notification headaches.
Safer examples
1) Redact secrets before logging
// Keep only a short prefix so a token can still be correlated across log
// lines without the full value ever reaching the log sink.
function redact(s) {
  if (!s) return "";
  return String(s).slice(0, 4) + "…";
}
logger.info("Login attempt user=%s tokenPrefix=%s", userId, redact(token));
2) Don't log full request bodies by default
Especially for auth endpoints, webhooks, and payment flows.
3) Restrict access and retention
Limit who can read logs; set retention based on need; protect log sinks as sensitive systems.
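Putting examples 1 and 2 together, here is an added illustration (not code from the SiteShadow page) of a structured-log sanitizer that redacts secret-bearing keys such as Authorization, cookies, passwords and tokens before a request is logged, and summarises the body by size instead of content. It assumes Node.js; the SENSITIVE_KEYS pattern, the helper names and the sample request are constructed for this example.

```javascript
// Added example: sanitize a log payload before handing it to a logger.
// Key names below are a constructed starting list, not an exhaustive one.
const SENSITIVE_KEYS =
  /^(authorization|cookie|set-cookie|password|passwd|secret|token|access_token|refresh_token|api[-_]?key|card_number|cvv)$/i;

// Keep a short prefix for correlation (same idea as redact() above);
// very short values are fully masked so nothing usable leaks.
function redactValue(value) {
  const s = value == null ? "" : String(value);
  if (s.length <= 4) return "[REDACTED]";
  return s.slice(0, 4) + "…[REDACTED]";
}

// Recursively walk objects/arrays and redact values stored under sensitive
// keys. Non-sensitive keys are kept; depth is capped to avoid cycles.
function sanitizeForLog(obj, depth = 0) {
  if (depth > 8 || obj === null || typeof obj !== "object") return obj;
  if (Array.isArray(obj)) return obj.map((v) => sanitizeForLog(v, depth + 1));
  const out = {};
  for (const [key, value] of Object.entries(obj)) {
    out[key] = SENSITIVE_KEYS.test(key)
      ? redactValue(value)
      : sanitizeForLog(value, depth + 1);
  }
  return out;
}

// Build the record that actually gets logged for an HTTP request:
// method, path, sanitized headers, and the body's size only (never the body).
function requestLogRecord(req) {
  return {
    method: req.method,
    path: req.path,
    headers: sanitizeForLog(req.headers || {}),
    bodyChars: req.body ? JSON.stringify(req.body).length : 0,
  };
}

// Constructed sample request for demonstration.
const sampleRequest = {
  method: "POST",
  path: "/login",
  headers: { host: "example.test", authorization: "Bearer abcd1234efgh5678", cookie: "session=zzzz9999" },
  body: { username: "alice", password: "hunter2" },
};

console.log(JSON.stringify(requestLogRecord(sampleRequest)));
```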
How SiteShadow detects it (high level)
- Looks for logging APIs and flags calls where likely-sensitive variables are logged (tokens, passwords, headers such as Authorization, cookies).
- Uses heuristic matching to reduce noise (e.g., ignores obviously fake placeholders where possible).
References
- CWE-532: https://cwe.mitre.org/data/definitions/532.html