Tainted flow: 'TOKEN_URL' from os.environ.get (line 8, credential/environment) → requests.post (network output)
Critical
- Category
- Data Flow
- Content
data = {"source_key": source_key} try: response = requests.post(TOKEN_URL, headers=headers, json=data) response.raise_for_status() return response.json().get("access" + "_token") except Exception as e:- Confidence
- 97% confidence
- Finding
- response = requests.post(TOKEN_URL, headers=headers, json=data)
