• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Password Filed Not Masked Vulnerability..

 
chandra kambham
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

Recently our Web Application has gone through a Security Scanner and found the Vulnerability "Password Field Not Masked".

Could some one give the possible mechanisms to fix this vulnerability..?

Many Thanks.
Chandra
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you using type="password" for the field, or the same type="text" you'd use for the username?
 
chandra kambham
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

We are using the type="password" for the password field,
but There is one hidden field with the name "password" in the html page.
I think this is the source of the Vulnerability.

 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic