Credientals Over GET method in plain Text
Medium
Vulnerability Details
Hi Team,
Description
While I was testing the application i found this bug where the application is sending the credentials over Plain text in URL : https://auth.ratelimited.me/login?username=testqaz%40grr.la&password=D33vanh%40h%40h%40
Vulnerable URl https://auth.ratelimited.me
## Impact
Impact: if the application is sending the credentials over GET request it will be saved in the history of the Browser
Actions
View on HackerOneReport Stats
- Report ID: 490899
- State: Closed
- Substate: resolved
- Upvotes: 13