url-rewriting
url-rewriting
URL rewriting has significant security risks. Since session ID appears in the URL, it may be easily seen by third parties.
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP:
- A01:2021 - Broken Access Control
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP:
- A01:2021 - Broken Access Control