Pentest reveals Improper Session Handling in WebDev ver 23

Posted by Peter Zhou 
Hi,

A pentest team found the following for WebDev version 23, developed with dynamic WebDev (session):

Improper Session Handling
This vulnerability can be exploited with ease and network access to the system by an attacker who does not have access to credentials, with some impact on confidentiality, no impact on the integrity of information, and without affecting the availability of the information or system. Successful attacks require human interaction from a person other than the attacker. There are currently no exploits in the public domain. However, attacks may be well described or privately held.

The application maintains a user's authenticated state by appending a session identifier to the URL path. Submitting sensitive information within URLs is not considered best practice, as this data can be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers. URLs can also be displayed on-screen, bookmarked, or shared by users.

HTTP method: GET
Port: 443
Impact: An attacker can obtain users' session identifiers with greater ease, as they are more prone to being disclosed when submitted within URLs. The session identifier within the URL path is the sole requirement to access post-authentication pages.
Solution: Consider handling sessions using properly secured cookies or HTTP authentication headers.

Any suggestion on how to resolve this under WebDev?

Regards,

PETER ZHOU
pao
Re: Pentest reveals Improper Session Handling in WebDev ver 23
April 29, 2024 02:33PM
Under WebDev only, I don't know how to do it.

You can use the cookie solution. One example is to use one session cookie and one global variable to store some random information (for instance, one GUID), and in every page check if the value in the cookie is the same as you have in the global variable. If not, close the session.

Regards

Paulo Oliveira
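The check Paulo describes, written out as an added example in plain Python so it can be run offline; it is not code from this thread, from PC SOFT or from WebDev/WLanguage. It keeps the session id in the URL path (the situation the pentest report describes for a dynamic WebDev site) and adds a random token that lives server-side, in the place a WebDev per-session global variable would occupy, and in a cookie flagged Secure, HttpOnly and SameSite as the report's "properly secured cookies" suggests. A request that carries only the URL, the way a leaked link would, fails the comparison and the session is closed. The `sess_<id>` URL layout, the cookie name `SESSTOKEN` and the function names are assumptions made for this example.

```python
# Added example (not code from this thread or from WebDev/WLanguage): models Paulo's
# cookie-vs-global-variable check in plain Python so the logic can be run and tested.
import secrets
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Server-side session context, keyed by the id that still travels in the URL
# path (the pattern the pentest flagged). It holds the random token the cookie
# must match; in WebDev this would be the per-session global variable.
SESSIONS = {}


def extract_sid_from_url(url):
    """Pull the session id out of a URL shaped like https://host/app/sess_<id>/page.
    The 'sess_' path segment is an assumed layout for this example."""
    for segment in urlsplit(url).path.split("/"):
        if segment.startswith("sess_"):
            return segment[len("sess_"):]
    return None


def login(user, base_url="https://example.test/app"):
    """Open a session: keep a random token server-side and send the same token
    to the browser in a cookie that scripts and plain-HTTP requests cannot read."""
    sid = secrets.token_urlsafe(16)
    token = secrets.token_urlsafe(32)          # the 'GUID' in Paulo's description
    SESSIONS[sid] = {"user": user, "token": token}
    cookie = SimpleCookie()
    cookie["SESSTOKEN"] = token
    cookie["SESSTOKEN"]["secure"] = True        # only sent over HTTPS (port 443)
    cookie["SESSTOKEN"]["httponly"] = True      # not readable from JavaScript
    cookie["SESSTOKEN"]["samesite"] = "Strict"  # not sent on cross-site requests
    cookie["SESSTOKEN"]["path"] = "/"
    return {
        "url": f"{base_url}/sess_{sid}/home",      # id still in the URL, as in WebDev
        "set_cookie": cookie.output(header="").strip(),
    }


def browser_cookie_header(set_cookie):
    """What a browser sends back on later requests: only name=value, no attributes."""
    return set_cookie.split(";", 1)[0]


def authorize(url, cookie_header):
    """The per-page check. Returns the logged-in user, or None after closing the
    session when the cookie token is missing or does not match the stored one."""
    sid = extract_sid_from_url(url)
    sess = SESSIONS.get(sid)
    if sess is None:
        return None
    morsel = SimpleCookie(cookie_header or "").get("SESSTOKEN")
    presented = morsel.value if morsel else ""
    # Constant-time comparison; encode so a non-ASCII cookie value cannot raise.
    if not secrets.compare_digest(presented.encode(), sess["token"].encode()):
        # URL known but cookie absent or wrong: treat the URL as leaked and close the session.
        SESSIONS.pop(sid, None)
        return None
    return sess["user"]


if __name__ == "__main__":
    r = login("alice")
    hdr = browser_cookie_header(r["set_cookie"])
    print("Set-Cookie sent at login:", r["set_cookie"])
    print("legitimate request (URL + cookie):", authorize(r["url"], hdr))  # alice
    print("leaked URL without the cookie:", authorize(r["url"], None))     # None
    print("same URL + cookie after closure:", authorize(r["url"], hdr))    # None
```

In WebDev terms the cookie would be written once at login and the `authorize` step run in each page's initialisation code. Note that this binds the session to the browser that logged in but does not remove the identifier from the URL, so it will still appear in logs, history and bookmarks; the pentester's full recommendation is to stop carrying it there at all.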