SiteShadow
Back to vulnerability library
Detected byCWE-aware static analysisPro

CWE-598 Information Exposure Through Query Strings

Coverage: 5 rules in the SiteShadow rule registry target this CWE (registry v2.0.0). Regex 5 Also: Taint and heuristic analyzers may also detect related flows (see coverage for the authoritative list) Registry tagging shows intent, for sample-level behaviour and benchmarked gaps see known gaps.

What this means

SiteShadow flagged sensitive data being placed into URL query parameters (tokens, passwords, API keys, personal data).

Why it matters

Query strings can leak through logs, history, and referrers.

Safer examples

1) Use headers or POST bodies for secrets

await fetch("/api/resource", {
  method: "POST",
  headers: { Authorization: `Bearer ${token}` },
});

2) Use opaque IDs instead of raw data

Put an ID in the URL, not the sensitive value itself.

3) Redact URLs in logs/telemetry

If URLs must include sensitive values (avoid it), ensure redaction happens before logging/analytics.

How SiteShadow detects it (high level)

References

---

← Back to Vulnerability Library

Catch this with SiteShadow Pro.

This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.