Sensitive information sent insecurely
Description
The system sends sensitive information through a channel or method which does not guarantee its confidentiality or integrity.
Impact
Compromise sensitive information traveling in a insecure channel
Recommendation
Guarantee that credentials be sent through a more secure channel, such as session variables or using HTTP POST method.
Threat
Anonymous attacker from adjacent network.
Expected Remediation Time
⏱️ 60 minutes.