mgonzalezcx / WebGoat

WebGoat is a deliberately insecure application
https://webgoat.github.io/WebGoat/

CX Cleartext_Submission_of_Sensitive_Information @ webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTVotesEndpoint.java [develop] #12

Open mgonzalezcx opened 2 years ago

mgonzalezcx commented 2 years ago

Cleartext_Submission_of_Sensitive_Information issue exists @ webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTVotesEndpoint.java in branch develop

Potentially sensitive personal information JWT_PASSWORD, at line 96 of webgoat-lessons\jwt\src\main\java\org\owasp\webgoat\jwt\JWTVotesEndpoint.java, is sent over the unsecured network via cookie, in login of webgoat-lessons\jwt\src\main\java\org\owasp\webgoat\jwt\JWTVotesEndpoint.java, line 96. This could expose this personal data and allow it to be stolen.

Severity: Medium

CWE:319

Vulnerability details and guidance: Internal Guidance | Checkmarx Training | Recommended Fix

Lines: 103


Code (Line #103):

```java
.signWith(io.jsonwebtoken.SignatureAlgorithm.HS512, JWT_PASSWORD)
```

mgonzalezcx commented 2 years ago

Issue still exists.