This article is a part of our Web Security Knowledge Base (back to index)

Why Information Disclosure - Sensitive Information in URL can be dangerous

The ‘Information Disclosure - Sensitive Information in URL' means that the HTTP request possibly contains sensitive information leaked in the URL. Such behavior can lead to unauthorized disclosure, causing the web page to violate PCI and most organizational compliance policies. As a result, error messages during PCI compliance tests will appear.

How to fix Information Disclosure - Sensitive Information in URL

Make sure that your web application does not pass any sensitive information in URLs preventing it from sensitive information disclosure.

How does ScanRepeat report Information Disclosure - Sensitive Information in URL

ScanRepeat checks every HTTP request URL for potential sensitive information disclosure. It returns an error message for every URL with sensitive data exposure, like credit card number, email address or U.S. social security number.

Would you like to test your application now against this problem? Sign up for our free trial

Scan Your Web App Now
Scan your application
for 14 days for free

No credit card is required. No commitment.

Sign Up Free