Vulnerabilities/

Password Input on HTTP

Impact: Medium

Description

Attackers can sniff and capture sensitive information like passwords when they’re served and transmitted over the unencrypted HTTP traffic.

Recommendation

Enforce using HTTPS.

References

👉 You might also like:

Password Sent in HTTP Query - Vulnerability

Password Sent Over HTTP - Vulnerability

Basic Authentication Over HTTP - Vulnerability

No Redirection from HTTP to HTTPS - Vulnerability

Last updated on February 15, 2021

Use SmartScanner Free version to test for this issue

Download