Hash Disclosure

Type: Passive Scan

Description

A hash was disclosed by the web server

Solution

Ensure that hashes that are used to protect credentials or other resources are not leaked by the web server or database. There is typically no requirement for password hashes to be accessible to the web browser.

References

Code

Last updated: 2020-04-30 16:12:39.623Z