Password Sent Over HTTP
Impact: Medium
Description
Attackers can sniff and capture sensitive information like passwords when they’re served and transmitted over the unencrypted HTTP traffic.
Recommendation
Enforce using HTTPS.
References
👉 You might also like:
Password Sent in HTTP Query - Vulnerability
Basic Authentication Over HTTP - Vulnerability
Password Input on HTTP - Vulnerability
No Redirection from HTTP to HTTPS - Vulnerability
Last updated on February 15, 2021