Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Possible User ID and Password Sent Within a Web Form (POST)

Info

Synopsis

The remote web client posted a form with what appears to be an embedded user ID and password.

Description

The remote web client posted a form with what appears to be an embedded user ID and password. You should manually verify that confidential data is not being leaked from the network.

Solution

Ensure that confidential data is not passed via plaintext form fields. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.