logo

Information Disclosure - Sensitive Information in Browser localStorage

  • Risk:
  • Low

  • Type:
  • Client Passive
Summary

Sensitive Information appears to have been stored in browser localStorage. This can violate PCI and most organizational compliance policies.

For more details see the Client tabs - this information was set directly in the browser and will therefore not necessarily appear in this form in any HTTP(S) messages.

Solution

Do not store sensitive information in browser storage.

Other info
The following data (key=value) was set which matches the pattern for credit cards: key=value Note that alerts will only be raised once for each URL + key.

Free security scan for your website