Synopsis
The remote web server might transmit credentials in cleartext.
Description
The remote web server contains several HTML form fields containing an input of type 'password' which transmit their information to a remote web server in cleartext.
An attacker eavesdropping the traffic between web browser and server may obtain logins and passwords of valid users.
Solution
Make sure that every sensitive form transmits content over HTTPS.
Plugin Details
File Name: www_clear_text_passwords.nasl
Supported Sensors: Nessus