Password Sent Over HTTP
Attackers can sniff and capture sensitive information like passwords when they’re served and transmitted over the unencrypted HTTP traffic.
Enforce using HTTPS.
👉 You might also like:
Password Sent in HTTP Query - Vulnerability
Basic Authentication Over HTTP - Vulnerability
Password Input on HTTP - Vulnerability
No Redirection from HTTP to HTTPS - Vulnerability
Last updated on February 15, 2021