Data protection

Unencrypted web endpoint exposing password input field

Description

Web page contains a form with password as input while using unencrypted connection. By sending password information in plaintext over an unencrypted connection, there is a risk that the password could be intercepted by an attacker. This could potentially lead to unauthorized access to the user's account, or other security issues.