Our customer is reporting that our Servoy application has a security vulnerability identified by the Rapid7 scan. It is of level Medium and we must remediate. I am not sure I completely understand the issue, nor how to remedy it even if I did.
The scan identifies an HTML file https://xyz/servoy-webclient/templates/ ... sword.html. Does Servoy generate HTML files? Where are these found? I cannot find any HTML files in the application_server folder. I am not sure how to relate the scanned HTML files to Servoy forms.
On the login page there are two buttons: one to log in, another to change the password. If you enter the correct username and password, you can click the change password button to be taken to another page to enter a new password. This is the page/form I think the issue is on.
From the HTML file name fx_changePassword.html, I assume it is related to the form that allows the user to change his or her password. The code and form used to change one's password are very similar to the code and form used to log in, so I can't understand why the login would be okay and the change password not.
Any help and insight into this issue would be greatly appreciated.
Here is some information taken out of the scan report:
Credentials over an insecure channel (1)
References:
CWE-598 CWE-523 DISSA_ASC-APP3330 OWASP2013-A6 OWASP2010-A9 OWASP2007-A9
Attack Type: Credentials sent with GET method
Error: <form id='servoy_dataform'>
Error Description: The form action points to an HTTP site
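As an added illustration (not Servoy's code and not part of the original post), the script below puts the two conditions the scan reports next to each other in a constructed page and runs a small checker that reproduces the finding. The form id servoy_dataform is taken from the scan output; the host xyz, the action paths and the field names are assumptions. Two details explain why a form can be flagged even when its markup names no HTTP site: a form with no method attribute submits with GET, so any password field in it ends up in the query string (CWE-598), and a form with no action attribute, or a relative one, submits to the URL of the page it was loaded from, so a template fetched over http:// posts its credentials over http:// (CWE-523).

```javascript
// Added example: reproduce the Rapid7 "credentials over an insecure channel"
// check against constructed HTML. Not Servoy's code; hostnames, paths and
// field names are assumptions for illustration only.

// Constructed sample page: a form as a scanner would flag it, followed by
// the same form with the two properties the finding asks for.
const SAMPLE_HTML = `
<!-- constructed sample, not the real Servoy template -->
<form id="servoy_dataform" action="http://xyz/servoy-webclient/changePassword">
  <input type="text" name="username">
  <input type="password" name="newPassword">
  <input type="submit" value="Change">
</form>
<form id="servoy_dataform_fixed" method="post" action="https://xyz/servoy-webclient/changePassword">
  <input type="text" name="username">
  <input type="password" name="newPassword">
  <input type="submit" value="Change">
</form>
`;

// Parse the attribute string of one opening tag into an object with
// lower-cased attribute names. Handles double-, single- and unquoted values
// as well as boolean attributes with no value.
function parseAttrs(attrText) {
  const attrs = {};
  const re = /([\w:-]+)\s*(?:=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(attrText)) !== null) {
    attrs[m[1].toLowerCase()] = (m[2] ?? m[3] ?? m[4] ?? '').trim();
  }
  return attrs;
}

// Audit every <form> in `html` as if the page had been loaded from `pageUrl`.
// Returns one record per form with the findings a scanner would raise.
function auditForms(html, pageUrl) {
  const results = [];
  const formRe = /<form\b([^>]*)>([\s\S]*?)<\/form>/gi;
  let m;
  while ((m = formRe.exec(html)) !== null) {
    const attrs = parseAttrs(m[1]);
    const body = m[2];
    // HTML default: a form without method="post" submits with GET.
    const method = (attrs.method || 'get').toLowerCase();
    const hasPassword = /<input\b[^>]*\btype\s*=\s*["']?password\b/i.test(body);
    // An empty or relative action resolves against the page's own URL, so the
    // scheme the page was served over decides the scheme of the submission.
    const target = new URL(attrs.action || '', pageUrl);
    const findings = [];
    if (hasPassword && method !== 'post') {
      findings.push('CWE-598: password field submitted with GET (credentials land in the URL, logs and history)');
    }
    if (target.protocol !== 'https:') {
      findings.push(`CWE-523: form action resolves to ${target.protocol}// (unencrypted transport)`);
    }
    results.push({ id: attrs.id || '(no id)', method, action: target.href, findings });
  }
  return results;
}

// Stand-alone run: the first form is flagged on both counts, the second passes.
const PAGE_URL = 'https://xyz/servoy-webclient/templates/fx_changePassword.html'; // assumed
for (const r of auditForms(SAMPLE_HTML, PAGE_URL)) {
  console.log(`${r.id} [${r.method.toUpperCase()} -> ${r.action}]`);
  for (const f of r.findings) console.log('  ' + f);
  if (r.findings.length === 0) console.log('  OK');
}
```

Run it with node. The checker also explains the login form being clean while the change-password form is not: the two can share identical field code and still differ in the method attribute the template emits or in the URL the page was requested over. The remediation the finding asks for is the second form, submission with POST to an https:// action (or a relative action on a page that is only ever served over HTTPS).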