The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests.