You have performed a security scan of your Enterprise Portal system and a security vulnerability is reported similar to the below:
Sensitive information should not be transmitted using hidden form fields. This is because an attacker/hacker can view the web page source code and retrieve the stored values from the hidden form field.
A recommendation of using session cookies may be provided by the security report.
- SAP NetWeaver Application Server for Java release independent
- Enterprise Portal
security, scanner, ep, vulnerability, post, get, method, methods, http, https, hidden, forms, field, fields, htm, html , KBA , EP-PIN-SEC-SZ , Security Zones , EP-PIN-AI , Application Integration , EP-PIN-NAV , Navigation , EP-PIN-PRT , Portal Runtime , EP-PIN-PCM , Portal Content Model , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.