Vulnerabilities
1
 min read

Potential IP Addresses Found in the Viewstate

Potential IP addresses were found to be serialized in the ViewState field.

Summary

Potential IP addresses were found to be serialized in the ViewState field.

An attacker can study the application's state management logic for possible vulnerabilities, and if your application stores application-critical information in the ViewState (e.g., IP addresses), it will also be revealed.

Solution

Reduce the chance of someone intercepting the information stored in the ViewState by encrypting it.

Risk

Medium

References

Scan and protect your web application from hackers

Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.

Thank you for registering
Oops! Something went wrong.

Latest Articles

View All Articles

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.

Vulnerabilities
1
 min read

Strict-Transport-Security Header

HTTP Strict Transport Security (HSTS).

Vulnerabilities
1
 min read

Heartbleed OpenSSL Vulnerability (Indicative)

The TLS and DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets.

Vulnerabilities
1
 min read