JSONFormatter and CodeBeautify Recent Links exposure in temporary sharing feature
Security Tool/Service
Summary
JSONFormatter and CodeBeautify left saved JSON snippets exposed through Recent Links, turning a temporary sharing feature into a public access path for sensitive content. The flaw mattered because anyone could reach the saved pages, enabling disclosure of credentials, keys, and other secrets.
Related Happenings
JSONFormatter and CodeBeautify Recent Links data leak
Data Leak
First: 25.11.2025 14:01
Last: 25.11.2025 14:01
Sources 1
How related:
Researchers discovered more than 80,000 user pastes totaling over 5GB exposed through a feature called Recent Links provided by both services, which is freely accessible to anyone.
About this happening:
Publicly accessible Recent Links pages on JSONFormatter and CodeBeautify exposed more than 80,000 pastes and over 5GB of sensitive data. The exposed material created immediate ri...
Timeline
25.11.2025 14:01 2 articles · 6mo ago
Public Recent Links exposure on JSONFormatter and CodeBeautify
Initial Disclosure
WatchTowr identified public Recent Links pages on JSONFormatter and CodeBeautify that exposed more than 80,000 user pastes totaling over 5GB, including Active Directory credentials, database and cloud credentials, private keys, API tokens, SSH session recordings, PII, and other sensitive configuration data from government, critical infrastructure, banking, insurance, aerospace, healthcare, education, cybersecurity, and telecommunications. The saved snippets were reachable through unique URLs without access protection, could be crawled through predictable Recent Links paths, and could also be pulled through getDataFromID API endpoints; the exposure remained freely accessible at the time of reporting.
- Code beautifiers expose credentials from banks, govt, tech orgs — www.bleepingcomputer.com — 25.11.2025 14:01