Information Disclosure - Sensitive Information in Browser sessionStorage
- Risk:
Low
- Type:
- Client Passive
- CWE:
- CWE-200
- Summary
Sensitive Information appears to have been stored in browser sessionStorage. This can violate PCI and most organizational compliance policies.
For more details see the Client tabs - this information was set directly in the browser and will therefore not necessarily appear in this form in any HTTP(S) messages.
- Solution
Do not store sensitive information in browser storage.
- Other info
- The following data (key=value) was set which matches the pattern for email addresses: key=value Note that alerts will only be raised once for each URL + key.
Free security scan for your website