Emails Found in the Viewstate

Potential email addresses were found to be serialized in the ViewState field.

Summary

The ViewState is sent to the client with the page, so an attacker can decode it and study the application's state management logic for possible vulnerabilities. If your application stores application-critical information in the ViewState (e.g., email addresses), that information is revealed as well.

Solution

Reduce the chance of someone intercepting the information stored in the ViewState by encrypting it.
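
To show what this finding means in practice, the following added example (not code from the original page or from any scanner) decodes the `__VIEWSTATE` hidden field of a page and looks for email-like strings in it. The function names and both sample pages are constructed for illustration; the opaque sample stands in for an encrypted ViewState, where nothing readable remains.

```python
import base64
import re
from html.parser import HTMLParser

# Loose pattern: the finding is about *potential* addresses in decoded bytes.
EMAIL = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


class ViewStateFields(HTMLParser):
    """Collects the value of every <input name="__VIEWSTATE"> on a page."""

    def __init__(self):
        super().__init__()
        self.values = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "input" and attr.get("name") == "__VIEWSTATE":
            self.values.append(attr.get("value") or "")


def emails_in_viewstate(html: str) -> list[str]:
    """Return the email-like strings readable in the page's ViewState."""
    parser = ViewStateFields()
    parser.feed(html)
    found = set()
    for value in parser.values:
        try:
            raw = base64.b64decode(value, validate=True)
        except ValueError:  # value is not base64, nothing to inspect
            continue
        found.update(m.decode("ascii") for m in EMAIL.findall(raw))
    return sorted(found)


def page(viewstate: bytes) -> str:
    """Build a minimal constructed page carrying the given ViewState bytes."""
    b64 = base64.b64encode(viewstate).decode()
    return f'<form><input type="hidden" name="__VIEWSTATE" value="{b64}" /></form>'


# Constructed samples, not real traffic: a blob with readable strings in it,
# and opaque high bytes standing in for an encrypted ViewState.
PLAIN_PAGE = page(b"\xff\x01\x0f\x05\x11alice@example.com\x05\x0fbob@example.org\x02")
OPAQUE_PAGE = page(bytes(range(128, 200)))

if __name__ == "__main__":
    print("plain :", emails_in_viewstate(PLAIN_PAGE))
    print("opaque:", emails_in_viewstate(OPAQUE_PAGE))
```
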

Risk

Medium
