Description
This form is served from an insecure page (http) page. This page could be hijacked using a Man-in-the-middle attack and an attacker can replace the form target.
Remediation
The form should be served from a secure (https) page.
Related Vulnerabilities
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10003)
PHP curl_exec() url is controlled by user
WordPress Plugin SSL Insecure Content Fixer Information Disclosure (2.0.0)
SAP NetWeaver Java AS WD_CHAT information disclosure vulnerability
WordPress Plugin Wp-ImageZoom 'file' Parameter Information Disclosure (1.0.3)