logo

ASP.NET ViewState Disclosure

  • Risk:
  • Informational

  • Type:
  • Passive
Summary

An ASP.NET ViewState was disclosed by the application/web server

Solution

Manually confirm that the ASP.NET ViewState does not leak sensitive information, and that the data cannot be aggregated/used to exploit other vulnerabilities.

References

https://learn.microsoft.com/en-us/previous-versions/bb386448(v=vs.140)

https://projects.webappsec.org/w/page/13246936/Information%20Leakage

Free security scan for your website