logo

Base64 Disclosure in WebSocket message

  • Risk:

  • Informational

  • Type:
  • WebSocket Passive
Summary
A Base64-encoded string has been found in the websocket incoming message. Base64-encoded data may contain sensitive information such as usernames, passwords or cookies which should be further inspected. Decoded evidence: example.
Solution
Base64-encoding should not be used to store or send sensitive information.
Back <<