min read

Information Disclosure - Sensitive Information in URL

The request appeared to contain sensitive information leaked in the URL.

Summary

The request appeared to contain sensitive information leaked in the URL. It may violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environment.

Solution

Do not pass sensitive information in URIs.

References

https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url

Scan and protect your web application from hackers

Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.

Latest Articles

View All Articles

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.

Vulnerabilities

min read

Strict-Transport-Security Header

HTTP Strict Transport Security (HSTS).

Vulnerabilities

min read

Heartbleed OpenSSL Vulnerability (Indicative)

The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets.

Vulnerabilities

min read