Potential IP addresses were found to be serialized in the ViewState field.
Potential IP addresses were found to be serialized in the ViewState field.
An attacker can study the application's state management logic for possible vulnerabilities, and if your application stores application-critical information in the ViewState (e.g., IP addresses), it will also be revealed.
Reduce the chance of someone intercepting the information stored in the ViewState by encrypting it.
Medium
Run our automated penetration testing and vulnerability assessment to protect your web application from hackers.