Synopsis
The remote web client posted a form with what appears to be an embedded user ID and password.
Description
The remote web client posted a form with what appears to be an embedded user ID and password. You should manually verify that confidential data is not being leaked from the network.
Solution
Ensure that confidential data is not passed via plaintext form fields. Use SSL for any type of authentication. Also, you should consider forcing the use of POST versus GET on web forms. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.
