| Details | |
|---|---|
| Alert Id | 10041 |
| Alert Type | Passive |
| Status | release |
| Risk | |
| CWE | |
| WASC | |
| Technologies Targeted | All |
| Tags |
OWASP_2017_A06 OWASP_2021_A02 WSTG-V42-CRYP-03 |
Summary
This check looks for insecure HTTP pages that host HTTPS forms. The issue is that an insecure HTTP page can easily be hijacked through MITM and the secure HTTPS form can be replaced or spoofed.