Hello,
Need help to resolve A3: Sensitive Data Exposure issue reported by fortify tool.
Detail below:
login.jsp, line 49 (Password Management: Password in HTML Form)
Populating password fields in an HTML form could result in a system compromise.
login.jsp:49 null()
47 rcbNo : <input type="text" name="rcbNo" value="rcb">
48 <br>
49 pwd : <input type="password" name="pwd" value="password">
50 <br>
51 designation : <input type="text" name="designation" value="abc">
Many folks suggested to suppress the issue and mark as "not an issue".
Is this the only way to address this issue?
Please provide suitable solution if any. Thanks in advance. :)
I would move to https (any system you enter data into should be on https nowadays)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.