Use of weak encryption or hashing algorithms can lead to Sensitive Data Exposure. Plain text displayed in data traffic can result in the disclosure of sensitive personal information such as user credentials or credit card information.
HINT: Install Postman and OWASP ZAP if you haven't done so yet.
- Tip: A scan of the OWASP Juice Shop by OWASP ZAP might help you.
- Tip: Search for hidden links to areas you haven't seen before (with OWASP ZAP or in the user interface).
- Tip: Inspect the About Us section.