logo

Base64 Disclosure in WebSocket message

  • Risk:
  • Informational

  • Type:
  • WebSocket Passive
Summary

A Base64-encoded string has been found in the websocket incoming message. Base64-encoded data may contain sensitive information such as usernames, passwords or cookies which should be further inspected. Decoded evidence: example.

Solution

Base64-encoding should not be used to store or send sensitive information.

Free security scan for your website