CWE-201
Insertion of Sensitive Information Into Sent Data
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
Official CWE-201 definition at MITREImpactr finds and proves weaknesses like CWE-201 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist