Email Address Disclosure on Target Web Application

Netsparker identified an email address disclosure.

Impact

Email addresses discovered within the application can be used by spam email engines and by brute-force tools. Furthermore, valid email addresses may lead to social engineering attacks.

Remedy

Use generic email addresses such as contact@ or info@ for general communications and remove user- or people-specific email addresses from the website. If visitors need a way to reach specific people, use submission forms for this purpose.
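One way to check page source against this remedy before it is published, as an added example (not Netsparker's own check): the function lists every address in the markup, including entity-encoded and percent-encoded ones, and separates the generic addresses from person-specific ones. The function name, the asset-suffix filter and the sample page are assumptions made for this illustration.

```python
import re
from html import unescape
from urllib.parse import unquote

# Generic local parts named in the remedy; extend to match site policy.
GENERIC_LOCAL_PARTS = {"contact", "info"}
# File suffixes that make "name@2x.png"-style asset names look like addresses.
ASSET_SUFFIXES = (".png", ".jpg", ".jpeg", ".gif", ".svg", ".webp", ".css", ".js")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def find_disclosed_emails(page_source):
    """Return {'generic': [...], 'personal': [...]} for addresses in page_source."""
    # Decode HTML entities (&#64;) and percent-encoding (%40): light
    # obfuscation in the markup does not hide an address from automated tools.
    text = unquote(unescape(page_source))
    found = {"generic": set(), "personal": set()}
    for match in EMAIL_RE.finditer(text):
        address = match.group(0).lower()
        local, domain = address.rsplit("@", 1)
        if domain.endswith(ASSET_SUFFIXES):
            continue  # e.g. logo@2x.png is an image name, not an address
        kind = "generic" if local in GENERIC_LOCAL_PARTS else "personal"
        found[kind].add(address)
    return {kind: sorted(values) for kind, values in found.items()}


# Constructed sample page (not taken from any real site).
SAMPLE_PAGE = """
<html><body>
  <img src="/static/logo@2x.png">
  <p>General enquiries: <a href="mailto:info@example.com">info@example.com</a></p>
  <p>Press: <a href="mailto:jane.doe&#64;example.com">Jane Doe</a></p>
  <p>Billing: <a href="mailto:j.smith%40example.com">J. Smith</a></p>
  <!-- TODO ask bob@example.com about the footer -->
</body></html>
"""

if __name__ == "__main__":
    report = find_disclosed_emails(SAMPLE_PAGE)
    for address in report["personal"]:
        print("person-specific address disclosed:", address)
    print("generic addresses (allowed):", ", ".join(report["generic"]))
```

Run against rendered templates or a static build directory, the "personal" list is the set of addresses to remove or move behind a submission form; HTML comments are included because they are served to every visitor.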
