F030. Sensitive information sent via URL parameters

Description

The system sends sensitive information via URL parameters using the GET method. These parameters:

  • are stored in clear text in the browser history.

  • are sent to external sites via the referrer HTTP header.

  • are sent to external sites via the search bar if the browser interprets the URL as query.

  • are visible to scripts running on the browser that may belong to third-parties.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy