F036. ViewState not encrypted

Description

The state information of application forms that is stored in the ViewState is not encrypted.

Rules

  1. R026. Encrypt client-side session information

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy