SAP Knowledge Base Article - Preview

2910827 - Sensitive data transmitted via hidden form fields Enterprise Portal vulnerability report

Symptom

You have performed a security scan of your Enterprise Portal system, and the scan reports a security vulnerability similar to the following:

Sensitive information should not be transmitted using hidden form fields. This is because an attacker/hacker can view the web page source code and retrieve the stored values from the hidden form field.

The security report may recommend using session cookies instead.


Environment

  • SAP NetWeaver Application Server for Java release independent
  • Enterprise Portal

Product

SAP NetWeaver all versions

Keywords

security, scanner, ep, vulnerability, post, get, method, methods, http, https, hidden, forms, field, fields, htm, html, KBA, EP-PIN-SEC-SZ, Security Zones, EP-PIN-AI, Application Integration, EP-PIN-NAV, Navigation, EP-PIN-PRT, Portal Runtime, EP-PIN-PCM, Portal Content Model, Problem

About this page

This is a preview of an SAP Knowledge Base Article. The full version is available on SAP for Me (login required).
