Home / Vulnerability Database / Config files : Unhidden password field
Config files
Config files : Unhidden password field
Classification
OWASP Top 10 2017
OWASP Top 10 2021
OWASP ASVS
CWE/SANS Top 25 2021
Overview
The application may have an unhidden password field. This can lead to the application data being compromised.
References
- OWASP Top 10 2017-A2-Broken Authentication
- OWASP Top 10 2017-A3-Sensitive Data Exposure
- OWASP Top 10 2013-A5-Security Misconfiguration
- OWASP Top 10 2013-A6-Sensitive Data Exposure
- CWE-261: Weak Encoding for Password
- CWE CATEGORY: OWASP Top Ten 2017 Category A2 - Broken Authentication
- CWE CATEGORY: OWASP Top Ten 2017 Category A6 - Security Misconfiguration
- CWE-256: Unprotected Storage of Credentials
- CWE-260: Password in Configuration File
MEDIUM
DerScanner Severity Score
Do you want to fix Config files : Unhidden password field in your application?
See also
Config files
Config files : Text4Shell Vulnerability
Config files
Config files : Incorrect directory deletion
Config files
