Password field submitted using GET method


During the scan, Kayran found that password fields were sent using the GET method (in the URL).
This might lead to sensitive user information being disclosed.

An attacker could exploit this vulnerability to steal the victim’s password in clear text using MITM (Man In The Middle) or by checking the browser’s history.


To prevent this vulnerability, make sure that all sensitive information is sent using the POST method.
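
To check your own pages for this condition before deployment, the following added example (not Kayran's code) parses HTML and reports every form that contains a password input and would be submitted with GET, including forms with no `method` attribute, which default to GET. The sample markup and the names `PasswordFormAuditor` and `find_get_password_forms` are constructed for illustration; `formmethod` overrides on submit buttons are not evaluated.

```python
from html.parser import HTMLParser

# Constructed sample markup (not from any real site).
SAMPLE_HTML = """
<form action="/login" method="get"><input name="u"><input type="password" name="p"></form>
<form action="/signin"><input type="PASSWORD" name="p"></form>
<form action="/auth" method="POST"><input type="password" name="p"></form>
<form action="/search" method="get"><input type="text" name="q"></form>
"""


class PasswordFormAuditor(HTMLParser):
    """Records the action of every form that sends a password field via GET."""

    def __init__(self):
        super().__init__()
        self._form = None   # state of the form currently being parsed
        self.findings = []  # actions of offending forms, in document order

    def handle_starttag(self, tag, attrs):
        attrs = {name: (value or "") for name, value in attrs}
        # A <form> nested inside an open form is ignored, as browsers do.
        if tag == "form" and self._form is None:
            # Browsers fall back to GET when method is missing or unrecognised.
            method = attrs.get("method", "").strip().lower()
            if method not in ("post", "dialog"):
                method = "get"
            self._form = {"action": attrs.get("action", ""),
                          "method": method, "has_password": False}
        elif tag == "input" and self._form is not None:
            if attrs.get("type", "").strip().lower() == "password":
                self._form["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._flush()

    def _flush(self):
        form, self._form = self._form, None
        if form and form["has_password"] and form["method"] == "get":
            self.findings.append(form["action"])


def find_get_password_forms(html):
    """Return the action URLs of forms that would put a password in the URL."""
    auditor = PasswordFormAuditor()
    auditor.feed(html)
    auditor.close()
    auditor._flush()  # account for a form left open at end of input
    return auditor.findings
```

Each returned action is a form whose `method` should be changed to `post`.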

