1. Critical Credential Exposure Found in Admin Dashboard API Endpoint
A critical security vulnerability in the `/api/admin/dashboard` endpoint was discovered exposing sensitive credentials, including a Stripe API key and complete database login information with passwords, directly in JSON responses. The flaw, classified as sensitive data exposure, affected the file `src/routes/admin.js` ...