<div>
The remote host appears to allow sensitive form submission over unencrypted (HTTP) connections. This means that a user's personal information would be sent over the internet in clear text. An attacker may be able to uncover sensitive information such as login names and passwords by sniffing network traffic. Looks like you will need to make the site SSL on the webserver<br />
<br />

</div>


The remote host appears to allow sensitive form submission over unencrypted (HTTP) connections. This means that a user's personal information would be sent over the internet in clear text. An attacker may be able to uncover sensitive information such as login names and passwords by sniffing network traffic. Looks like you will need to make the site SSL on the webserver



<div>
<div class="content wysiwyg-content">
I am getting a McAfee error saying &quot;Unencrypted Sensitive Form Detected&quot; for the login page of our website yet the page is https as is the action on the login form so I don't know how this could be possible?<br />
<br />
Is there something else I should be looking at?
</div>
</div>


I am getting a McAfee error saying "Unencrypted Sensitive Form Detected" for the login page of our website yet the page is https as is the action on the login form so I don't know how this could be possible?

Is there something else I should be looking at?

Unencrypted Sensitive Form Detected

The successor to Active Server Pages, ASP.NET websites utilize the .NET framework to produce dynamic, data and content-driven web applications and services. ASP.NET code can be written using any .NET supported language. As of 2009, ASP.NET can also apply the Model-View-Controller (MVC) pattern to web applications

ASP.NET

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.