Details
Alert ID 10032-2
Alert Type Passive
Status release
Risk Medium
CWE 642
WASC 14
Technologies Targeted All
Tags CWE-642
OWASP_2017_A06
OWASP_2021_A04
POLICY_PENTEST
SYSTEMIC
More Info Scan Rule Help

Summary

Email addresses were found being serialized in the viewstate field.

Solution

Verify the provided information isn't confidential.

Other Info

[[email protected]]

References

Code

org/zaproxy/zap/extension/pscanrules/ViewstateScanRule.java