It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Sensitive Data Exposure issue reported by Fortify tool Edited

Hello,

Need help to resolve A3: Sensitive Data Exposure issue reported by fortify tool.

Detail below:

login.jsp, line 49 (Password Management: Password in HTML Form)

Populating password fields in an HTML form could result in a system compromise.

login.jsp:49 null()
47 rcbNo : <input type="text" name="rcbNo" value="rcb">
48 <br>
49 pwd : <input type="password" name="pwd" value="password">
50 <br>
51 designation : <input type="text" name="designation" value="abc">


Many folks suggested to suppress the issue and mark as "not an issue".

Is this the only way to address this issue?

Please provide suitable solution if any. Thanks in advance. :) 

1 answer

0 votes

I would move to https (any system you enter data into should be on https nowadays)

Hi Nic,
Yes, application is on https itself.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published Apr 09, 2019 in Portfolio for Jira

Portfolio for Jira 3.0 is here!

The wait is over... Portfolio for Jira Server and Data Center 3.0 is now officially here! Platform releases offer Atlassian an opportunity to shift our strategy, make bold predictions about t...

1,506 views 14 26
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you