Vulnerability
Description
The URL rewrite feature can inadvertently expose session IDs, which may be disclosed through the cross-site referer header. Furthermore, session IDs may also be stored in browser history or server logs.
Recommendation
To mitigate this risk, consider storing sensitive data like session IDs within a cookie instead of directly rewriting URLs. For added security, consider combining this approach with URL rewrite.
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
