Base64 Disclosure in WebSocket message
- Risk:
Informational
- Type:
- WebSocket Passive
- Summary
A Base64-encoded string has been found in the websocket incoming message. Base64-encoded data may contain sensitive information such as usernames, passwords or cookies which should be further inspected. Decoded evidence: example.
- Solution
Base64-encoding should not be used to store or send sensitive information.
Free security scan for your website