Invicti detected that ViewState Encryption is disabled.
For page based protection, place the following directive at the top of affected page.
<%@Page ViewStateEncryptionMode="Always" %>You can also set this option for the whole application by using
web.configfiles. Apply the following configuration for your application's
<System.Web> <pages viewStateEncryptionMode="Always"> </System.Web>