min read

Potential IP Addresses Found in the Viewstate

Potential IP addresses were found to be serialized in the ViewState field.

Summary

Potential IP addresses were found to be serialized in the ViewState field.

An attacker can study the application's state management logic for possible vulnerabilities, and if your application stores application-critical information in the ViewState (e.g., IP addresses), it will also be revealed.

Solution

Reduce the chance of someone intercepting the information stored in the ViewState by encrypting it.

Risk

Medium

References

Secure Your Startup. Today.

We make your startup secure and compliant by implementing and managing the security controls your customers require.

Get Started

Latest Articles

View All Articles

Navigating GDPR Compliance on AWS

How to secure your AWS environment in compliance with the GDPR?

Mitigations

5

min read

Plan Your Security Roadmap

Check out how other startups become secure and compliant.

Mitigations

2

min read

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

The web/application server is leaking information via one or more “X-Powered-By” HTTP response headers.

Vulnerabilities

1

min read