Data protection

Unencrypted web endpoint exposing email input field

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Web page contains a form with email as input while using unencrypted connection. By sending email information in plaintext over an unencrypted connection, there is a risk that the email could be intercepted by an attacker. This could potentially lead to unauthorized access to the user's email account, or other security issues.
  • Recommended Mitigation

    It is recommended to always use an up-to-date encryption protocol with a valid certificate on every web server