Github Organization Webhook With SSL Disabled
- Query id: ce7c874e-1b88-450b-a5e4-cb76ada3c8a9
- Query name: Github Organization Webhook With SSL Disabled
- Platform: Terraform
- Severity: Medium
- Category: Encryption
- URL: Github
Description¶
Check if insecure SSL is being used in the GitHub organization webhooks
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "github_organization_webhook" "positive1" {
name = "web"
configuration {
url = "https://google.de/"
content_type = "form"
insecure_ssl = true
}
active = false
events = ["issues"]
}