Username and password on ADFS login page are not encrypted

2024-01-26T03:29:37.68+00:00

Issue description:
Username and password on ADFS login page are not encrypted. Examples: 1, When we input username and password on ADFS login page, we can see plaintext of username/password via F12 2, We can also capture plaintext of username/password via Burp Suite tool. Background: As our product integrated ADFS, our customer can not accept the security issue, please take high priority to fix it, thanks. If need more information, please contact my mail: yiping.liu@siemens.com

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,575 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. 2024-02-27T05:32:44.9466667+00:00

    Dear Microsoft team, Any comments for the topic? thanks.

    0 comments No comments