Home/Alerts/Alert detail/

Potential IP Addresses Found in the Viewstate

Risk:
Medium

Type:
Passive

CWE:
CWE-642

Summary: The following potential IP addresses were found being serialized in the viewstate field:

Solution: Verify the provided information isn't confidential.

Other info: []

Top Security News

New NailaoLocker ransomware used against EU healthcare orgs

Black Basta ransomware gang's internal chat logs leak online

Windows Server 2025 released—here are the new features

SonicWall firewall bug leveraged in attacks after PoC exploit release

Chinese hackers abuse Microsoft APP-v tool to evade antivirus

Data Leak Exposes TopSec's Role in China's Censorship-as-a-Service Operations

SpyLend Android malware downloaded 100,000 times from Google Play

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Common Alerts

HighGeneric Padding Oracle

MediumVulnerable JS Library

HighExpression Language Injection

InformationalSec-Fetch-Mode Header is Missing

HighServer Side Code Injection - PHP Code Injection

LowInformation Disclosure - Sensitive Information in Browser sessionStorage

LowIn Page Banner Information Leak

MediumSub Resource Integrity Attribute Missing

InformationalCross Site Scripting (Persistent) - Spider

InformationalNon-Storable Content

Top CVE List

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability

CVE-2025-0108 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CVE-2017-3881 Cisco IOS and IOS XE Remote Code Execution Vulnerability

CVE-2017-6736 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability

CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability

CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability

CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

CVE-2025-24989 Microsoft Power Pages Improper Access Control Vulnerability

Common CWEs

CWE-525 Use of Web Browser Cache Containing Sensitive Information

MediumCWE-755 Improper Handling of Exceptional Conditions

CWE-331 Insufficient Entropy

CWE-344 Use of Invariant Value in Dynamically Changing Context

LowCWE-481 Assigning instead of Comparing

CWE-177 Improper Handling of URL Encoding (Hex Encoding)

CWE-1177 Use of Prohibited Code

CWE-1339 Insufficient Precision or Accuracy of a Real Number

CWE-1097 Persistent Storable Data Element without Associated Comparison Control Element

MediumCWE-170 Improper Null Termination

Free online web security scanner

Don't show website scan report rating on the leaderboard