Data Sent In Plain Text In Url

Title:

Plain text data is being sent as a part of URL.

Vulnerability:

What are query parameters?
If an URI has certain variable and its corresponding value getting communicated in HTTP request to server the developer has implemented query parameter for sending data to server.
Query parameter could use either GET HTTP method or POST HTTP method (but this is uncommon) for request methods. But mainly it is GET HTTP method usage.
Ex:
https://www.mysite.com/getsecret?username=cella&password=messi

Assuming there is a successful man-in-the-middle attack (i.e. an attacker which does intercept the connection, and presents a forged server certificate which your browser accepts) could lead to many other attacks namely, data stealing, manipulation, request forgery, etc.
Parameter values are also seen in browser address bar to other users.

In case of financial or banking web application many times the transaction-id and amount are sent using query parameters.
Ex:
https://www.mysite.com/getsecret?order-id=144121&amt=1400&acct=2188974568

Solution:

    • Avoid using query parameters for communicating critical sensitive data values
    • Implement strong SSL or TLS encryption for communication channels for all URLs of web application
    • Store encryption keys securely without compromise.