Session Token in URL issues are scanned as part of the Sensitive Data Exposure Security Tests used to evaluate the Web Application Security Risk Vector.
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked, or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Need to fix?
- We recommend ensuring that no session identifiers or other sensitive information are passed via URL GET parameters.
Possible Grades:
- Neutral: Session Token in URL findings are informational; Weight = N/A.
What will I see in the Portal?
Issue: A known session token pattern is present in a URL.
Details: A token that may be used as a session identifier is being passed in a URL field. This increases the risk that the token will be captured by an attacker, and with it the risk of exposing sensitive information to unauthorized third parties.
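The check below is an added example and is not code from this page or from the scanning product it describes. It shows how a defender can reproduce the finding on their own traffic: it flags query or path parameters whose name matches a common session-identifier name (the list of names is an illustrative assumption, not the scanner's pattern set) or whose value looks like an opaque token, and it redacts those values so the URL can be logged without leaking the session. The access-log lines are constructed sample data.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Illustrative set of parameter names that frameworks commonly use for session
# identifiers (assumed for this example; extend it to match your own applications).
SESSION_PARAM_NAMES = {
    "phpsessid", "jsessionid", "asp.net_sessionid", "aspsessionid",
    "sessionid", "session_id", "sessid", "sid", "cfid", "cftoken",
    "session", "token", "auth_token", "access_token",
}

# Fallback heuristic: a long value made only of URL-safe token characters
# (hex or base64url) looks like an opaque identifier even under an unknown name.
TOKEN_VALUE_RE = re.compile(r"^[A-Za-z0-9_\-]{20,}$")

# Matches the request target in a Common/Combined Log Format line.
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/')

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.1 - - [10/Oct/2023:13:55:36 +0000] "GET /account?sessionid=3f9a8b7c6d5e4f3a2b1c0d9e8f7a6b5c HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.2 - - [10/Oct/2023:13:55:40 +0000] "GET /search?q=shoes&page=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '10.0.0.3 - - [10/Oct/2023:13:56:01 +0000] "GET /app/home;jsessionid=A1B2C3D4E5F6 HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '10.0.0.4 - - [10/Oct/2023:13:56:15 +0000] "GET /download?file=report.pdf&token=eyJhbGciOiJIUzI1NiJ9 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]


def find_session_tokens(url):
    """Return (parameter_name, reason) pairs for parts of the URL that look like session tokens."""
    parts = urlsplit(url)
    findings = []
    # Java servlet containers often carry the session id as a path parameter
    # (";jsessionid=...") rather than in the query string.
    if ";jsessionid=" in parts.path.lower():
        findings.append(("jsessionid", "path parameter"))
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SESSION_PARAM_NAMES:
            findings.append((name, "known session parameter name"))
        elif TOKEN_VALUE_RE.match(value):
            findings.append((name, "opaque token-like value"))
    return findings


def redact_url(url):
    """Replace flagged token values with [REDACTED] so the URL is safe to write to a log."""
    parts = urlsplit(url)
    flagged = {name for name, _ in find_session_tokens(url)}
    pairs = [
        (name, "[REDACTED]" if name in flagged else value)
        for name, value in parse_qsl(parts.query, keep_blank_values=True)
    ]
    path = re.sub(r";jsessionid=[^;/?#]*", ";jsessionid=[REDACTED]",
                  parts.path, flags=re.IGNORECASE)
    # safe="[]" keeps the marker readable instead of percent-encoding the brackets.
    return urlunsplit((parts.scheme, parts.netloc, path,
                       urlencode(pairs, safe="[]"), parts.fragment))


def scan_access_log(lines):
    """Return (line_number, request_target, [flagged parameter names]) for lines carrying a token."""
    results = []
    for line_no, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = match.group(1)
        names = [name for name, _ in find_session_tokens(target)]
        if names:
            results.append((line_no, target, names))
    return results


if __name__ == "__main__":
    for line_no, target, names in scan_access_log(SAMPLE_LOG):
        print(f"line {line_no}: {names} in {target}")
        print(f"  safe to log as: {redact_url(target)}")
```

Run over real logs, the scan gives an inventory of the endpoints that put a token in the URL (the list to fix at the application level by moving the identifier into a cookie), while the redaction function is the stop-gap for the logging and proxy layers that would otherwise keep copies of the token.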