Security Audit Report

SECURITY-AUDIT-2026-04-25.pdf

4 findingsScanned Apr 25, 2026

competitorwatch.io

App Router

4High

Attack Surface

Routes

Query Params

Custom Headers

UNKNOWN

/api

GET

/blog

GET

/dashboard/demo

GET

/login

GET

/password-reset

GET

/privacy

GET

/signup

GET

/terms

GET

/try-demo

GET

/waitinglist

Offline

Online

Unknown

X-Goog-AuthUser

X-Goog-Iam-Authorization-Token

baggage

sentry-trace

x-firebase-appcheck

x-firebase-client

x-goog-api-key

Security Findings

4 findings redacted

HIGH

Cross-site scripting vulnerability

User input rendered without proper sanitization.

#1 of 4

HIGH

SQL injection risk detected

Database queries constructed using unsanitized user input.

#2 of 4

HIGH

Insecure deserialization

Untrusted data deserialized without validation.

#3 of 4

HIGH

Missing access control

Endpoints lack proper authorization checks.

#4 of 4

Other Recent Reports

View all security reports →

competitorwatch.io

Attack Surface

Routes (10)

Custom Headers (10)

Security Findings

Cross-site scripting vulnerability

SQL injection risk detected

Insecure deserialization

Missing access control