Sensitive information sent via URL parameters - Session
Description
The JWT session token is sent by the URL, which allows it to be cached by the browsing history, allowing attackers with local access to the machine to obtain it without any problem.
Impact
Obtain the users session.
Recommendation
Use secure mechanisms to send sensitive information between sites so that it cannot be stolen by malicious actors.
Threat
Unauthorized attacker with local access to the machine.
Expected Remediation Time
⏱️ 60 minutes.
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
L
Attack complexity
L
Attack requirements
N
Privileges required
N
User interaction
A
Confidentiality (VC)
L
Integrity (VI)
N
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
X
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N