Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 0e7cbbf

Browse files
mchammer01atorralba
mchammer01
authored and
atorralba
committed
Update InsecureBasicAuth.qhelp
1 parent e58b90e commit 0e7cbbf

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.qhelp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
<qhelp>
33

44
<overview>
5-
<p>Basic authentication only obfuscates username/password in Base64 encoding, which can be easily recognized and reversed, thus it must not be transmitted over the cleartext HTTP channel. Transmission of sensitive information not in HTTPS is vulnerable to packet sniffing.</p>
5+
<p>Basic authentication only obfuscates usernames and passwords in Base64 encoding, which can be easily recognized and reversed, thus it must not be transmitted over the cleartext HTTP channel. Transmission of sensitive information not in HTTPS is vulnerable to packet sniffing.</p>
66
</overview>
77

88
<recommendation>

0 commit comments

Comments
 (0)