Sensitive Data Exposure issue reported by Fortify tool

Ash March 26, 2019

Hello,

Need help to resolve A3: Sensitive Data Exposure issue reported by fortify tool.

Detail below:

login.jsp, line 49 (Password Management: Password in HTML Form)

Populating password fields in an HTML form could result in a system compromise.

login.jsp:49 null()
47 rcbNo : <input type="text" name="rcbNo" value="rcb">
48 <br>
49 pwd : <input type="password" name="pwd" value="password">
50 <br>
51 designation : <input type="text" name="designation" value="abc">


Many folks suggested to suppress the issue and mark as "not an issue".

Is this the only way to address this issue?

Please provide suitable solution if any. Thanks in advance. :) 

1 answer

0 votes
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 26, 2019

I would move to https (any system you enter data into should be on https nowadays)

Ash March 26, 2019

Hi Nic,
Yes, application is on https itself.

Suggest an answer

Log in or Sign up to answer