[Possible] Password Transmitted over Query String
Description
This vulnerability occurs when an HTML form containing a password field uses the GET method for submission, either explicitly or by default. When forms use GET, all field values—including passwords—are appended to the URL as query string parameters. This causes sensitive credentials to be exposed in browser history, server access logs, proxy logs, and potentially leaked through HTTP Referer headers when users navigate to external sites. Password fields should never be transmitted via URL parameters.
Remediation
Modify all HTML forms containing password fields to use the POST method instead of GET. This ensures sensitive data is transmitted in the HTTP request body rather than the URL.
Correct Implementation:
<form action="/login" method="POST"> <input type="text" name="username" /> <input type="password" name="password" /> <button type="submit">Login</button> </form>Incorrect Implementation:
<form action="/login" method="GET"> <input type="text" name="username" /> <input type="password" name="password" /> <button type="submit">Login</button> </form>Additionally, ensure that password transmission occurs over HTTPS to protect against network interception. Review all forms in your application to verify they use POST for any sensitive data submission.