Sensitive Data in URL
The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Exploitability
AV:N
AC:L
PR:N
UI:N
Scope
S:U
Impact
C:L
I:N
A:N
5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Other
CWE-598