AnsweredAssumed Answered

Qualys Detected Vulerability - False Positive?

Question asked by David Millman on Jul 20, 2015
Latest reply on Jul 21, 2015 by fmc

A customer of my company ran a Qualys scan and reported the following vulnerability:

 

     AutoComplete Attribute Not Disabled for Password in Form Based Authentication

 

When the content is viewed using the Internet Explorer debugger it was found that the following attribute was

applied to all form fields:

 

     autocomplete="off"

 

Can someone explain this?

Do we have a false positive here?

Outcomes