Detectify
Knowledge Base


Remediation tips

  • Content sniffing

    The website lacks content sniffing hardening techniques. In other words, this page does not have a header to p...

    Apr 21, 2017 08:11PM CEST
  • Email enumeration

    The website in question reveals one or more email addresses in plain text. What can happen? Email enumer...

    Apr 21, 2017 08:43PM CEST
  • Remote Administration Portal

    A remote administration interface, a login intended for users with administration privileges, has been found. ...

    Apr 21, 2017 08:46PM CEST
  • SSL BREACH

    By forcing the user to make a lot of requests towards a web server, an attacker is able to extract information...

    Apr 21, 2017 08:51PM CEST
  • Unencrypted Login Sessions

    A login form was discovered that sends the login credentials unencrypted to the server. What can happen? ...

    Apr 21, 2017 08:56PM CEST
  • External Resources

    A resource, e.g. JavaScript or CSS, is loaded from an external domain. What can happen? There are two ma...

    Apr 21, 2017 09:01PM CEST
  • CSRF

    An attacker can force the user to submit data of the attacker’s choice. In short, the attacker can make change...

    Sep 05, 2017 05:05PM CEST
  • Service Providers

    This finding lists providers authorized to host different parts of the infrastructure. This data is in no way ...

    Apr 21, 2017 11:42PM CEST
  • External Links using target='_blank'

    An outgoing link has the parameter target='_blank' while not utilizing rel=noopener. When such a link is click...

    Apr 21, 2017 11:47PM CEST
  • Cookie lack Secure flag

    When a cookie does not have the Secure-flag set, it will be sent in every request over both HTTP and HTTPS. Ev...

    Apr 21, 2017 11:52PM CEST