Information Disclosure - Information in Browser sessionStorage
- Risk:
Informational
- Type:
- Client Passive
- CWE:
- CWE-200
- Summary
Information was stored in browser sessionStorage.
This is not unusual or necessarily unsafe - this informational alert has been raised to help you get a better understanding of what this app is doing. For more details see the Client tabs - this information was set directly in the browser and will therefore not necessarily appear in this form in any HTTP(S) messages.
- Solution
This is an informational alert and no action is necessary.
- Other info
- The following data (key=value) was set: key=value Note that this alert will only be raised once for each URL + key.
Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
The Cybersecurity Perception Gap: Why Executives and Practitioners See Risk Differently
3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation
Windows Server emergency patches fix WSUS bug with PoC exploit
Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack
Toys “R” Us Canada warns customers' info leaked in data breach
HP pulls update that broke Microsoft Entra ID auth on some AI PCs
Meet the new Clippy: Microsoft unveils Copilot's "Mico" avatar
CISA warns of Lanscope Endpoint Manager flaw exploited in attacks
CVE-2022-48503 Apple Multiple Products Unspecified Vulnerability
CVE-2025-33073 Microsoft Windows SMB Client Improper Access Control Vulnerability
CVE-2016-7836 SKYSEA Client View Improper Authentication Vulnerability
CVE-2021-43226 Microsoft Windows Privilege Escalation Vulnerability
CVE-2025-61884 Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability
CVE-2025-55177 Meta Platforms WhatsApp Incorrect Authorization Vulnerability
CVE-2025-6264 Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
CVE-2017-0144 Microsoft SMBv1 Remote Code Execution Vulnerability
InformationalPossible Username Enumeration
InformationalRetrieved from Cache
InformationalRe-examine Cache-control Directives
HighPath Traversal
InformationalSec-Fetch-Mode Header Has an Invalid Value
CWE-432 Dangerous Signal Handler not Disabled During Sensitive Operations
CWE-1332 Improper Handling of Faults that Lead to Instruction Skips
CWE-1222 Insufficient Granularity of Address Regions Protected by Register Locks
MediumCWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-288 Authentication Bypass Using an Alternate Path or Channel
Free online web security scanner